Hvac Tenders

Details: Date: March 4, 2024 Competitive Bid Issued By: Agriculture Financial Services Corporation Competitive Bids For: It Security Consultant To Provide Penetration Tests And Vulnerability Assessment For Afsc Competitive Bid #: Rfp 0696 Contracted Service: Penetration Test And Vulnerability Assessment Provider Closing: March 26, 2024 Afsc Buyer: Kathy Walker Title: Buyer, Business Services Address: Afsc Purchasing Department 5718 56th Avenue Lacombe, Alberta T4l 1b1 E-mail: Rfp@afsc.ca Table Of Contents: Terms And Conditions - 1 - 1.0 Introduction - 1 - 1.1 Definitions - 1 - 1.2 Mandatory Requirements And Desirable Provisions - 1 - 1.3 Confidentiality And Security Of Information - 2 - 1.4 Material Ownership - 2 - 1.5 Conflict Of Interest - 2 - 1.6 Inaccuracies Or Misrepresentations - 3 - 1.7 Inquiries - 3 - 1.8 Blackout Period - 4 - 1.9 Liability For Errors - 4 - 1.10 Notification Of Changes - 4 - 1.11 Vendor’s Expenses - 5 - 1.12 Short Listing - 5 - 1.13 Resource Replacement - 5 - 1.14 Freedom Of Information And Protection Of Privacy - 5 - 1.15 Reservation Of Rights - 6 - 1.16 Competitive Bid Administration - 6 - 1.17 Afsc’s Policies And Procedures For Security And Training On Site - 7 - 1.18 Vendor Debriefing - 7 - 2.0 Statement Of Work - 8 - 2.1 Introduction - 8 - 2.2 Background - 8 - 2.3 Objectives - 9 - 2.3.1 Penetration Testing Services - 9 - 2.3.1.1 Network Penetration Testing Services - 10 - 2.3.1.2 Application Penetration Testing Services - 10 - 2.3.1.3 Social Engineering Testing Services - 10 - 2.3.2 Vulnerability Assessment Services - 10 - 2.3.3 Web Application Penetration Testing Services - 11 - 2.3.4 Red Teaming Exercise - 11 - 2.3.5 Additional Services - 11 - 2.3.6 Security Policy Review. Continuous Threat Exposure Management (ctem) - 12 - 2.4 Duration - 12 - 2.5 Requirements - 12 - 2.5.1 Preferred Requirements - 12 - 2.5.2 Optional Requirements - 16 - 2.5.3 Training - 18 - 2.6 Corporate Capabilities And Executive Summary - 18 - 2.7 Resources - 18 - 2.8 Value Add - 19 - 2.9 Approach - 19 - 2.10 Security - 20 - 2.10.1 Data Classification - 20 - 2.11 Technology Information - 20 - 2.12 Documentation - 20 - 2.13 Additional Information - 21 - 2.14 Disclosure - 22 - 2.15 Pricing - 22 - 3.0 Evaluation - 23 - 4.0 Contract Review - 26 - 4.1 Negotiations - 27 - 5.0 Master Schedule - 27 - 6.0 Proposal Submission Guidelines - 29 - 6.1 Proposal Format - 29 - 6.2 Proposal Submissions - 31 - Terms And Conditions 1.0 Introduction Agriculture Financial Services Corporation (afsc) Is An Alberta Provincial Crown Corporation Under The Ministry Of Agriculture And Irrigation. Afsc’s Core Programs Include Business Risk Management Programs And Services To The Agriculture Industry As Well As Lending Products And Services To Farmers’ Agribusinesses, Value Added Enterprises And Commercial Operations. More Detailed Information About Afsc Is Available On The Website Www.afsc.ca. The Objective Of This Competitive Bid Is For Afsc To Solicit Proposals From Those Qualified In Providing The Specified Services Described Under Section 2.0 Of This Competitive Bid. 1.1 Definitions The Following Abbreviations And Terminology Are Used Throughout This Competitive Bid: Term Description Personnel Employees, Contractors, Subcontractors And Agents Of The Vendor. Vendor Any Business That Is Registered In Canada And Is Authorized To Operate In Alberta, Proposing To Submit A Proposal To The Competitive Bid. Competitive Bid Competitive Bid (rfp), Request For Quote (rfq), Value Based Request (vbr), Notice Of Proposed Procurement (npp), Request For Information (rfi), Request For Comment (rfc) Statement Of Work The Services Required By This Competitive Bid As Described In Section 2.0 Of This Competitive Bid. Contract Monitor Afsc Representative That Will Be Responsible For The Management Of The Contract That May Result From This Competitive Bid. 1.2 Mandatory Requirements And Desirable Provisions Proposals That Do Not Comply With The Competitive Bid Requirements Will Be Rejected. “must”, “shall”, “mandatory” And “will” Mean A Requirement That Must Be Met In Order For The Proposal To Receive Consideration. For Mandatory Requirements, The Vendor Must Provide Sufficient Information In The Proposals To Sustain Compliance To The Competitive Bid’s Mandatory Requirements. “should” And “desirable” Mean A Provision Having A Significant Degree Of Importance To The Objectives Of The Competitive Bid. For Desirable/optional Provisions, The Vendor’s Proposal Should Provide Details Of How The Desirable/optional Provisions Are Addressed. 1.3 Confidentiality And Security Of Information The Vendor And The Vendor’s Personnel Shall: A) Keep Strictly Confidential All Information Concerning Afsc Or Third Parties, Or Any Of The Business Or Activities Of Afsc Or Third Parties Acquired As Result Of Participation In The Competitive Bid; B) Only Use, Copy Or Disclose Such Information As Necessary For The Purpose Of Submitting A Proposal Or Upon Written Authorization Of Afsc. The Vendor Shall Maintain Security Standards, Including Control Of Access To Data And Other Information, Consistent With The Highest Standards Of Business Practice In The Vendor’s Industry. 1.4 Material Ownership Ownership In All Materials Including Copyright, Patent, Trade Secret, Industrial Design Or Trademark That Are Made, Prepared, Developed, Generated, Produced Or Acquired Under Or In Relation To The Competitive Bid And Any Subsequent Contract By The Vendor, The Vendor’s Employees, Subcontractors Or Agents Belongs To Afsc As They Are Made, Prepared, Developed, Generated, Produced Or Acquired. Any Such Materials Shall Be Delivered To Afsc Upon Completion Or Termination Of The Competitive Bid. The Vendor: A) Irrevocably Waives In Whole All Moral Rights. B) Shall Ensure That Its Employees, Subcontractors, And Agents Irrevocably Waive In Whole All Moral Rights To The Materials Made, Prepaid, Developed, Generated Produced, Or Acquired Under The Competitive Bid And Any Subsequent Contract And Declares That These Waivers Shall Operate In Favour Of Afsc And Afsc’s Assignees And Licenses. 1.5 Conflict Of Interest Vendor(s) Must Fully Disclose, In Writing To Afsc On Or Before The Closing Date Of The Competitive Bid, The Circumstances Of Any Possible Conflict Of Interest Or What Could Be Perceived As A Possible Conflict Of Interest If The Vendor Were To Become A Contracting Party Pursuant To The Competitive Bid. Afsc Will Review Any Submissions By Vendor(s) Under This Provision And May Reject Any Proposals Where, In The Sole Opinion Of Afsc, The Vendor Could Be In A Conflict Of Interest Or Could Be Perceived To Be In A Possible Conflict Of Interest Position If The Vendor Were To Become A Contracting Party Pursuant To The Competitive Bid. 1.6 Inaccuracies Or Misrepresentations If, During The Competitive Bidding Process, Afsc Determines That The Vendor Has Made A Material Misstatement Or Misrepresentation Or That Materially Inaccurate Information Has Been Provided To Afsc, The Vendor Will Be Disqualified From The Competitive Bidding Process. 1.7 Inquiries All Inquiries Related To This Competitive Bid Must Be Addressed To The Afsc Buyer On Or Before The Date Specified In The Master Schedule And As Per The Following: A) Inquiries Must Be Sent By E-mail To The Afsc Buyer At Rfp@afsc.ca, Utilizing The Q&a Template Provided. B) No Telephone Inquiries Will Be Accepted. C) No Additional Information Or Clarifications Will Be Provided To Inquiries Received After The Applicable Deadline. D) To Be Considered, All Inquiries Must Provide The Following Vendor Information: • Name Of Primary Contact • Address • Telephone Number • E-mail Address • Competitive Bid Reference Number. E) All Inquiries Received Will Be Reviewed By Afsc. F) All Inquiries Will Be Compiled And Answered In The Form Of Written Addendum(s) Issued By Afsc Via Alberta Purchasing Connection (apc) To All Prospective Vendor(s). G) Vendor(s) Are Advised That All Inquiries Answered By Afsc Will Be Provided Verbatim In Writing To All Prospective Vendor(s). H) Inquiries That May Contain Proprietary Or Confidential Information Of A Vendor May Be Answered Exclusively To The Submitting Vendor (afsc Will Direct The Correspondence Regarding This Inquiry Only To The Vendor’s Primary Contact) Provided The Addendum Does Not: • Require A Modification To This Competitive Bid; Or • Potentially Provide An Undue Advantage In The Competitive Process. I) If Either Of The Above Situations (h) Arises, Afsc Reserves The Right To: • Request The Vendor Reword And Resubmit The Inquiry; Or • Decline To Provide A Response. J) Afsc Reserves The Right To Not Disclose Information In Conjunction With This Competitive Bid On Any Inquiry That Requires Releasing Information That Afsc, In Its Sole Discretion, Regards As Confidential To Afsc. K) Afsc Reserves The Right In Any Event To Decline To Provide A Proposal For Any Reason In Its Sole Discretion. L) It Is The Vendor’s Responsibility To Notify Afsc, In Writing, And In Advance, Of Any Change In The Vendor(s) Primary Contact Information. M) Afsc Assumes No Responsibility Or Liability Arising From Information Obtained In A Manner Other Than As Described In This Competitive Bid. 1.8 Blackout Period With Respect To The Competitive Bid, Afsc Prohibits Communications Initiated By A Vendor To Any Afsc Employee, Other Than The Purchasing Department, For The Period Of Time From The Submission Date Of The Competitive Bid Up To And Including The Date Of Contract Award Resulting From This Competitive Bid. Any Communication Between A Vendor And Afsc During The Blackout Period Will Be Initiated By Afsc, In Writing, For The Purpose Of Obtaining Information Or Clarification Necessary To Ensure A Proper And Accurate Evaluation Of The Proposal. Any Communication Initiated By A Vendor During The Blackout Period May Be Grounds For Disqualifying The Offending Vendor From Further Consideration For The Acquisition And/or Any Future Afsc Solicitations. Afsc Will Notify All Vendors Upon Award Of A Contract From This Requisition. Accordingly, Vendors Are Asked To Refrain From Requesting Status Updates During The Proposal Evaluation Process. Vendors Who Are Currently Engaged In An Active Contract With Afsc May Continue To Communicate Directly With The Afsc Contract Monitor As It Relates To Activities Covered Under The Active Contract. 1.9 Liability For Errors While Every Effort Is Taken To Ensure An Accurate Representation Of Information In This Competitive Bid, Afsc Shall Not Be Liable Or Accountable For Any Error Or Omission In Any Part Of This Competitive Bid. 1.10 Notification Of Changes Any Changes To This Competitive Bid, As Well As The Response(s) To Inquiries, Will Be Posted As An Addendum On The Alberta Purchasing Connection (apc). Vendors Should Routinely Check Apc For Amendments And Adhere To Any Amendment Requirements. In The Event Of A Directed Competitive Bid, Vendors Should Routinely Check The Email Address The Bid Was Delivered To For Amendments. 1.11 Vendor’s Expenses Vendors Are Solely Responsible For Their Own Expenses In Preparing The Proposal, As Well As Any Subsequent Proposals, Including Any Costs Associated With Attendance To Information Sessions, Site Tours Or A Potential Short-listed Vendor’s Interview With Afsc. 1.12 Short Listing A Shortlist Of Vendors May Be Established. Short Listed Vendors May Be Requested To Make Formal Presentations, Regarding Their Proposal To Afsc. Key Vendor Management And Technical Personnel Will Be Expected To Participate In The Presentations. This Process Is Used To Validate Claims Made In The Proposal And Confirm The Vendor’s Ability To Meet The Requirements In The Competitive Bid. These Presentations Must Be Made At No Cost To Afsc. Based On Information Obtained At The Presentation, Vendors’ Scores May Be Adjusted. 1.13 Resource Replacement Resource Replacement Is Not Encouraged, However, There Could Be Circumstances Following The Competitive Bids Closing Date And Prior To Contract Execution That A Vendor May Request That A Proposed Resource Be Replaced. Any Proposed Resource Replacement Must Have, In The Opinion Of Afsc, Equivalent Or Better Qualifications Than The Originally Proposed Resource. Vendors Will Not Receive Additional Credit In The Evaluation Process If The Qualifications Of The Replacement Resource Exceed Those Of The Original Resource. Afsc Reserves The Right To Deny Any Request For Replacement And Reject Any Proposed Replacement. 1.14 Freedom Of Information And Protection Of Privacy The Vendor Acknowledges That: A) The Freedom Of Information And Protection Of Privacy Act Of Alberta (foip) Applies To All Information And Records Relating To, Or Obtained, Generated, Created, Collected Or Provided Under The Competitive Bid And Any Subsequent Contract And Which Are In The Custody Or Control Of Afsc. Foip Allows Any Person A Right Of Access To Records In Afsc’s Custody Or Control, Subject To Limited And Specific Exceptions As Set Out In Foip. B) Foip Imposes An Obligation On Afsc, And Through The Competitive Bid And Any Subsequent Contract On The Vendor(s), To Protect The Privacy Of Individuals To Whom Information Relates. The Vendor(s) Will Protect The Confidentiality And Privacy Of Any Individual’s Personal Information Accessible To The Vendor(s) Or Collected By The Vendor(s) Pursuant To The Competitive Bid And Any Subsequent Contract. C) The Vendor(s), If It Considers Portions Of Its Proposal To Be Confidential, Will Identify Those Parts Of Its Proposal To Afsc Considered To Be Confidential And What Harm Could Reasonably Be Expected From Disclosure. Afsc Does Not Warrant That This Identification Will Preclude Disclosure Under Foip. D) Materials Produced By The Vendor(s), In Connection With Or Pursuant To The Competitive Bid And Any Subsequent Contract, Which Are The Property Afsc Pursuant To The Competitive Bid And Any Subsequent Contract, Could Be Considered Records Under The Control Of A Public Body And Could Therefore Also Be Subject To The Foip Before Delivery To Afsc. As Such, The Vendor Must Conduct Itself To A Standard Consistent With Foip In Relation To Such Materials. E) For The Records And Information Obtained Or Possessed By The Vendor(s) In Connection With Or Pursuant To The Competitive Bid And Any Subsequent Contract, And Which Are In The Custody Or Control Of Afsc, The Vendor(s) Must Conduct Itself To A Standard Consistent With Foip When Providing The Services Or Carrying Out The Duties Or Other Obligations Of The Vendor Under The Competitive Bid And Any Subsequent Contract. The Purpose For Collecting Personal Information For The Competitive Bid Is To Enable Afsc To Ensure The Accuracy And Reliability Of The Information, To Evaluate The Proposal, And For Other Related Program Purposes Of Afsc. Authority For This Collection Is The Government Organization Act, As Amended From Time To Time. The Vendor(s) May Contact The Buyer Identified In The Competitive Bid Regarding Any Questions About Collection Of Information Pursuant To The Competitive Bid. 1.15 Reservation Of Rights Afsc Reserves The Right In Its Sole Discretion To: A) Accept Or Reject Any Or All Proposals. B) Disqualify A Vendor In The Event That, In Afsc’s Opinion, The Proposal Does Not Contain Sufficient Information To Permit A Thorough Evaluation. C) Verify The Validity Of The Information Supplied And To Reject Any Proposal Where The Contents Appear To Be Incorrect Or Inaccurate In Afsc’s Estimation. D) Seek Proposal Clarification At Any Time With Vendor(s) To Assist In Making Evaluations. E) Accept Proposals In Whole Or In Part. F) Accept A Proposal With Only Minor Non-compliance. G) Retain One Copy And Destroy And Dispose Of All Other Copies Of Any And All Proposals Received By Afsc. H) Cancel This Competitive Bid Process At Any Stage, Without Award Or Compensation To Vendors, Their Officers, Directors, Employees Or Agents, Without Assigning Any Reasons. 1.16 Competitive Bid Administration The Proposal Must Indicate That The Vendor Accepts The Procedures Set Down In This Competitive Bid. In Accordance With This Competitive Bid, The Vendor, If It Considers Portions Of Its Proposal To Be Confidential, Shall Identify Those Parts Of Its Proposal To Afsc Considered To Be Confidential And What Harm Could Reasonably Be Expected From Disclosure. Afsc Does Not Warrant That This Identification Will Preclude Disclosure Under Foip. 1.17 Afsc’s Policies And Procedures For Security And Training On Site The Vendor, Its Employees, Subcontractors, And Agents When Using Any Of Afsc’s Buildings, Premises, Equipment, Hardware Or Software Shall Comply With All Safety And Security Policies, Regulations Or Directives Relating To Those Buildings, Premises, Equipment, Hardware Or Software That Are Promulgated By Afsc From Time To Time. The Vendor’s Employees, Subcontractors And Agents Shall Comply, As Applicable, With All Provisions Of The Alberta Occupational Health And Safety Act, Occupational Health And Safety Regulation And Occupational Health And Safety Code With Respect To The Provision Of Services And Materials. When The Workers’ Compensation Act (alberta), As Amended, Applies, And Upon Request From Afsc, Deliver To Afsc A Certificate From The Workers’ Compensation Board Showing That The Vendor Is Registered And In Good Standing With The Board. 1.18 Vendor Debriefing The Corporate Purchasing Section Will, At The Request Of An Unsuccessful Vendor Who Responded To This Competitive Bid, Conduct A Debriefing After Contract Award For The Purpose Of Informing The Vendor On The Reasons Their Proposal Was Not Selected.   2.0 Statement Of Work 2.1 Introduction Agriculture Financial Services Corporation (afsc), As Part Of Its Vulnerability Management Program Is Seeking The Services Of An Information Technology Security Vendor To Carry Out Third-party Assessment Of Afsc It Systems And Infrastructure Using Various Techniques And Services As Specified In 2.3 Of The Scope Of Work To Evaluate The Effectiveness Of The Existing Security Controls And To Provide Input Into The Development Of Security And Risk Management Program At Afsc. A Major High-level Objective Of This Engagement Is To Request The Respondents Independently Validate Identified Risks Discovered Utilizing Vendor’s Standard Penetration Testing Methodologies, Vulnerability Assessments Techniques, And Red Teaming Methodologies. Another Goal Is To Assist Afsc To Identify Critical Security Controls Gaps That Could Significantly Affect The Confidentiality, Integrity, Availability, Privacy, And Safety Of Afsc, Its Clients And/or Its Staff. 2.2 Background As An Alberta Provincial Crown Corporation, Afsc Provides Farmers, Agribusinesses And Other Small Businesses Loans, Crop Insurance And Farm Income Disaster Assistance. With This Service Portfolio, Afsc Holds In Trust, Vast Amounts Of Small And Medium Scale Enterprise Sme Records And Information That Must Be Protected; Afsc Must Also Comply With Alberta's Freedom Of Information And Protection Of Privacy (foip) Act Which Provides A Framework For How Alberta Public Bodies Must Handle Citizen’s Information. With The Sensitivity And Volume Of Data Involved, A Data Breach Will Have Severe Risk Consequences For Afsc. It Is Thus Paramount That This Supporting Risk Management Activity (continuous Threat Exposure Management, Vulnerability Assessment, Penetration Testing And Red Teaming Exercise) Complements Afsc’s Assurance Functions. The Purpose Of The Engagement Is To: • Find Vulnerabilities In The Publicly Exposed (internet Accessible) Elements Of The Afsc Infrastructure From A Potential Intruder’s Point Of View. • Determine Whether Technical Vulnerabilities May Be Exploited And The Degree Of Exploitation And Its Impact To Afsc. • Assess The Overall Effectiveness Of Security Controls On The Perimeter Network And External Hosts In A Safe And Controlled Manner With No Unplanned Interruptions To Afsc’s Business Functions. • Explore The Ability For A Company To Help Afsc Build And Mature A Ctem Program The Successful Respondent May Be Required To Provide The Following As Part Of Its Deliverables To Afsc: • Evaluate And Assess Current Afsc Information Security Controls For Mission Critical Applications Within The Organization. • Perform Cloud Assessment And Penetration Testing Services (e.g. Infrastructure, Applications). • Determine The Extent To Which Internal Users May Represent An Exploitable Vulnerability To The Afsc’s Security Through Social Engineering Techniques. • Analyze The Results, Rule Out False Positives, Prioritize The Confirmed Vulnerabilities And Provide Steps For Immediate Remediation. • Provide A Detailed Account Of Findings And A Prioritized List Of Remediation Actions To Be Taken. • Provide Or Assist In Building A Complete Ctem Actionable Security Posture Remediation And Improvement Plan • Perform A Detailed Analysis Of Afsc Network Architecture Evaluating Data Flow, Physical And Logical Connections, Communication Protocols (intranet, Extranet, Remote Vpn), And Identify All Vulnerabilities Not Covered By Current Security Controls. • Conduct An Enterprise Network Discovery And Data Leakage Test To Identify Hosts, Routers, And Subnets That May Be Transmitting Data On Non-approved Or Unauthorized Devices Such As Unauthorized Third-party Connections, Unauthorized Internet Circuits, Or Unauthorized Virtual Private Networks (vpn’s); • Live Fire Type Tuning Of Current Security Tools In Utilization At Afsc 2.3 Objectives The Respondent Shall Provide A Broad Range Of Quality Services To Meet The Requirements Of Afsc In The Following Categories: • Penetration Testing Services – Preferred • Vulnerability Assessment Services – Preferred • Web App Penetration Testing - Preferred • Red Teaming Exercise – Optional; • Additional / Value Add Services – Optional; And • Continuous Threat Exposure Management (ctem) – Optional The Respondent Is Expected To Submit A Proposal For All Preferred Categories And Can Choose To Submit For The Optional Categories As Well. 2.3.1 Penetration Testing Services Penetration Tests Are Important Part Of A Security Team’s Threat And Vulnerability Management Capability. Penetration Tests Are Used As An Independent Verification Mechanism To Assess Organizations’ It Environment Controls. This Type Of Test Will Be Utilized To Determine The Organization’s Overall Security Posture. The Respondent Shall Provide The Following Quality Penetration Testing Services As Further Described Below: • Network Penetration Testing Services; • Web Application Penetration Testing Services; • Web Application Testing Services; And • Social Engineering Testing Services. 2.3.1.1 Network Penetration Testing Services A Network Penetration Testing Of The Computing Infrastructure Of Afsc. This Test Will Be Designed To Determine What Vulnerabilities Exist From Within/outside Afsc Network. The Objective Is To Perform A Controlled Attack Against Findings To Verify Results, And Provide An Overall Risk Assessment To Assist Afsc In Securing Network Infrastructure. The Respondent Shall Provide Network Penetration Testing Services Including But Not Limited To The Details Provided In Section 2.5. 2.3.1.2 Application Penetration Testing Services Application Penetration Testing Provides An Independent Verification Of The Security Status Of Afsc’s Applications. This Test Determines Whether Applications Present And Exploitable Risk To The Organization. The Respondent Shall Provide Application Penetration Testing Services Including But Not Limited To The Details Provided In Section 2.5. 2.3.1.3 Social Engineering Testing Services Social Engineering Testing Is The Use Of Deception And Manipulation To Obtain Confidential Information. It Is A Non-technical Kind Of Intrusion That Relies Heavily On Human Interaction And Often Involves Tricking People Into Breaking Normal Security Procedure. The Respondent Shall Provide Human Centric Social Engineering Testing Services Including But Not Limited To The Following: • Pretexting; • Phishing Campaigns (e.g., Email, Phone); • Brute Force (on Designated Systems); • Password Cracking. 2.3.2 Vulnerability Assessment Services A Vulnerability Assessment Exercise Will Identify What Vulnerabilities Exist Within The Afsc Network And Will Also Provide Recommendation On Prioritization And Remediation Based On The Resultant Risks To Afsc. This Will Also Complement The Findings Of The Afsc Vulnerability Management Program. The Respondent Shall Provide Vulnerability Assessment Services Which Will Include; • Identification Of Vulnerabilities On The Afsc Network; • Analysis Of Such Identified Vulnerabilities And Removing False Positives; • Prioritization Of The Identified Vulnerabilities; • Contextualization Of Risks That Might Arise Due To A Successful Exploit Of The Vulnerability; • Recommendations For Remediation Of The Vulnerability. 2.3.3 Web Application Penetration Testing Services Web Application Penetration Testing Provides An Independent Verification Of The Security Status Of Afsc’s Web Applications. This Test Determines Whether Web Applications Present And Exploitable Risk To The Organization. The Respondent Shall Provide Web Application Penetration Testing Services Including But Not Limited To The Details Provided In Section 2.5. 2.3.4 Red Teaming Exercise Red Teaming Exercise Is Used To Validate The Efficacy Of Security Controls And Capabilities, Or As Part Of Ongoing Incident Response And Threat & Vulnerability Management. The Respondent Will Conduct A Red Teaming Exercise To Obtain A Realistic Level Of Risk And Vulnerabilities Against: • Technology – Systems, Networks And Applications Devices And Appliances; • People – Staff, Outsourced Vendor Personnel, Departments And Business Partners; • Processes; • Incident Response Handling(or Testing); And • Physical Facilities – Offices And Data Centre. 2.3.5 Additional Services The Respondent Should Provide Any Additional / Out Of The Band Services To Afsc. Additional Services May Include, But Not Limited To The Following: • Remediation Assessments Following To The Initial Penetration Tests: • Physical Security Controls Review: • Internet And Email Security Controls Review: • Security Architecture Review: • Security Awareness Exercise Review: 2.3.6 Security Policy Review. Continuous Threat Exposure Management (ctem) A Ctem Program Uses Tools To Inventory And Categorize Assets And Vulnerabilities, Simulate Or Test Attack Scenarios And Other Forms Of Posture Assessment Processes And Technologies. It Is Important That A Ctem Program Has An Effective And Actionable Path. A Continuous Threat Exposure Management (ctem) Program Is A Set Of Processes And Capabilities That Allow Enterprises To Evaluate The Accessibility, Exposure, And Exploitability Of An Enterprise’s Digital And Physical Assets Continually And Consistently. The Respondent Shall Provide Ctem Cycle That Must Include: • Scoping • Discovery • Prioritization • Validation • Mobilization 2.4 Duration May 2024 Would Be The Anticipated Start Date Of Contract, Activities To Follow After That. The Resulting Initial Contract Shall Be For A Period Of One (1) Year With An Option For Extension Subject To Negotiations Satisfactory To Both Parties The Successful Vendor(s) Will Be Afsc’s Preferred Vendor(s) On A Need-to-need Basis During The Term Of The Contract Or Until Such Time As Afsc’s Business Needs Change. If Cloud Services Are Involved, Then Durations May Change. Expansion Capabilities – In The Future, Afsc May Wish To Expand Services Into Other Areas Of Its Business. In This Regard, Afsc Reserves The Right To Engage The Successful Vendor In The Future For Integrated Expansion Capabilities/modules For Other Asfc Business Areas. 2.5 Requirements Afsc Requests Respondents To Execute A Comprehensive Vulnerability Assessment, Penetration Testing Services, And Red Teaming Exercise For Afsc’s Systems And Applications. Respondents Are Required To Provide Supporting Information To Show How Vendor Will Execute Based On The Above Exercises And/or Services. 2.5.1 Preferred Requirements Network Penetration Testing Please Indicate Which Of The Following Network-related Environments You Can Perform Penetration Testing On. Please Provide Short Descriptions Of Your Approach Or Methodology For Each. Network Penetration Testing Requirements Response (yes / No) Approach/methodology Internal And External Penetration Testing Perimeter And Publicly Facing Infrastructure Telephony Systems/voip Cloud Assessment And Penetration Testing Printers, Hvac, Cctv Systems Network Penetration Testing Supporting Information Please Indicate If And How You Can Perform And Meet The Following Network-related Testing Requirements. Please Provide Short Descriptions Of Your Approach Or Methodology For Each. Requirements Response (yes / No) Approach Or Methodology Denial Of Service Testing Out Of Band Attacks War Dialing Wireless, Wep/wpa Cracking Spoofing Malware Attacks Service Discovery/port Scanning Web & Non-web Application Penetration Testing Please Indicate Which Of The Following Application (web And Non-web)-related Environments And (or) Vectors You Can Perform Penetration Testing On. Please Provide Short Descriptions Of Your Approach Or Methodology For Each. Requirements Response (yes / No) Approach Or Methodology Web Applications (i.e. Apis, Java, Xml, Asp.net, Php) Custom Apps (i.e. Crm Systems, Sap, Hr Systems ) Databases (i.e. Sql, Mysql, Oracle) 3rd Party Hosted Applications Mobile Applications Web & Non-web Application Penetration Testing Supporting Information Please Indicate If And How You Can Perform And Meet The Following Application (web And Non-web) -related Testing Requirements. Please Provide Short Descriptions Of Your Approach Or Methodology For Each. Requirements Response (yes / No) Approach Or Methodology Code Review: Analyzing Application Source Code For Sensitive Information Of Vulnerabilities In The Code. Authorization Testing: Testing Systems Responsible For User Session Management To See If Unauthorized Access Can Be Permitted. This Includes: • Input Validation Of Login Fields: Inputting Of Bad Or Overlong Characters And Inputs With The Aim Of Generating Irregular Results. • Cookie Security: Theft Of Cookies By Unauthorized Person. • Lockout Testing: Validating Lockout Processes Such As Timeout And Intrusion Controls To Ensure Legitimate Sessions Cannot Be Compromised Functionality Testing: Performing Testing Of The Application Functionality Itself. This Includes: • Input Validation: Inputting Of Bad Or Overlong Characters, Urls, Or Other Inputs With The Aim Of Generating Irregular Results. • Transaction Testing: Ensuring Desired Application Performance And Run With No Ability To Be Abused By End Users. Website Penetration Testing: Active Analysis Of Web Application Weaknesses Or Vulnerabilities. Encryption Usage Testing: Testing Applications’ Use Of Encryption To Ensure Secure Standards And Management Are Being Used. Authentication Process Testing: Ensuring Strong Authentication Processes Are In Place For End Users. User Session Integrity Testing: Ensuring User Sessions’ Ability To Remain Uncompromised Social Engineering Testing Please Indicate Which Of The Following Vectors You Can Perform Some Level Of Penetration Testing On. Please Provide Short Descriptions Of Your Approach Or Methodology For Each Vector. Requirements Response (yes / No) Approach Or Methodology Email / Phishing Phone / Vishing Physical Building Access Social Engineering Testing Supporting Information Please Indicate Which Of The Following Methods Of Social Engineering Or Tendencies You Can Support. Please Provide Short Descriptions Of Your Approach Or Methodology For Each. Requirements Response (yes / No) Approach Or Methodology Phishing Attacks Social Networking Scams – Facebook, Linkedin Pretexting Watering Hole Attacks Tailgating Bypassing Other Physical Security Measures Impersonation – Employee Or External Authority Password Cracking Others – Please Indicate Vulnerability Analysis And Exploitation Please Indicate If And How You Can Perform And Meet The Following Vulnerability Analysis And Exploitation Requirements: Requirements Comments: Please State Your Justification For How Requirements Are Met Please Indicate Any Exploitation Techniques That Will Be Used To Validate Identified Vulnerabilities. Please Indicate What Tools Are Used To Exploit Vulnerabilities And Whether They Are Open Source, Commercial, Or Proprietary Please Indicate How You Will Perform Traversal Of Systems And Hosts Please Indicate Which Of The Following Methods Are Used: • Credential Compromise • Cross Site Scripting • Any Other Method Used 2.5.2 Optional Requirements Red Teaming Exercise Please Indicate If And How You Can Perform And Meet The Following Red Team Exercise Requirements. Please Provide Short Descriptions Of Your Approach Or Methodology For Each. Requirements Response (yes / No) Approach Or Methodology Please Provide Information About The Methodology That Will Be Used In Conducting Red Team Exercise Of The Afsc Environment. Which Of The Following Areas Are Included In The Assessment. • Digital Assets • Physical Assets • Technical And Operational Processes What Exploitation Tactics Are Used For This Exercise? Does These Include • The Network Services • Physical Layer • Application Layer Are There Particular Cyberattack Emulations Or Threat Actor Roles (such As Organized Crime, Cyberterrorist, Hacktivist, Cyberspy) That Will Be Used During This Exercise? If Yes, Please Provide Additional Information On The Emulations Used. How Does The Team Ensure Foothold And Maintain Presence During The Exercise To Achieve The Set Objectives Continuous Threat Exposure Management Please Indicate Which Of The Following Network-related Environments You Can Perform Ctem Plan On. Please Provide Short Descriptions Of Your Approach Or Methodology For Each. Ctem Requirements Response (yes / No) Approach/methodology Scoping Discovery Prioritization Validation Mobilization 2.5.3 Training If There Is A Need For A Device Install Or Configuration Changes Needed, Documentation And Training To Be Provide To Afsc Staff In Order To Assist With Timely Install And Configuration For What Is Needed. Vendor To Provide Any Needed Training For Documentation To Afsc In Order To Facilitate Any Vulnerability Assessment Activities. 2.6 Corporate Capabilities And Executive Summary Proposals Must Include An Executive Summary Of The Key Features Of The Proposal. This Summary Should Include: A) A Brief Introduction Of The Vendor; B) A Brief Company History And Overview Of The Vendor As It Applies To The Content Of The Competitive Bid; C) Demonstrate A Sound Understanding Of The Scope, Objectives And Requirements Presented In This Competitive Bid; D) The Number And Nature Of Engagements In Similar Scope And Size As Outlined In Section 2.0 Of Competitive Bid During The Past Two (2) Years; And E) Industry Awards, Certifications And Other Market Place Distinctions; F) Social Responsibilities And Environmental Consideration; G) Indicate Why The Vendor Considers Itself To Be A “right” Service Provider And What Key Strengths It Will Bring To Afsc In The Immediate And Long Term. 2.7 Resources Please Provide A List Of The Staff Members That Will Be Assigned To The Engagement At Afsc. Please Note, The Successful Respondent Will Be Required To Sign Off On All Of Afsc’s Security Forms Prior To Any Work Being Completed. The Response Should Include But Not Limited To The Following: Requirements Comments: Please State Your Justification For How Requirements Are Met Provide Information Pertaining To Previous Projects/engagements Of Similar Nature That The Resource Or Team Lead Has Had And Provide References For The Project Provide Resumes For Staff That Will Be Assigned To The Engagement At Afsc. The Resume Should Include Skills, Experience, Qualification, Certifications And Accreditation. If Any Of The Assigned Staff Possess Or Requires Government Security Clearances. Respondent Should Also Identify The Tasks And The Task Dependencies Involved In The Completion Of The Requested Services. Provide Evidence Of License To Conduct Pentest In Location. 2.8 Value Add The Vendor May Describe Two (2) Significant Value Added Services Provided Relative To The Scope Of Work Provided To Other Clients Including The Vendor’s Commitment For Future Support. The Proposal Should Contain A Description Of Value Added Services Provided By The Vendor And The Strategy That The Vendor Would Employ In Proposing A Similar Type Of Service To Afsc. The Proposal Must Clearly Outline If There Are Any Additional Cost For The Value Added Services. 2.9 Approach Proposal Should Include The Following: A) A Description Of Corporate Philosophies, Values, Culture And Approaches Especially As They Relate To The Requirements Of Afsc; B) A Description Of The Vendor’s Decision Making Approach And Philosophy; And; C) The Proposal Must Provide Two Project Examples To Demonstrate The Vendor’s Ability To Take Ownership, Accept Accountability And Deliver On Commitments Made And To “stand Behind Their Work”. D) How The Vendor Plans To Proactively Address Issues That May Come Up In Regards To A Relationship With Afsc. E) Provide The Vendor’s Approach To Quality Assurance, Continuous Improvement, And Performance Management Processes, Techniques, Change Control And Tools. Vendor(s) Proposing An Alternative To A Competitive Bid Requirement Must Clearly Denote Each As An Alternative And Substantiate The Merit Of That Alternative. Proposed Alternatives Must Substantially Meet The Fundamental Intent Of The Requirement. 2.10 Security Please Complete Appendix D Information Security Privacy Cloud Assessment Form And Include It With Your Proposal. This Form Must Be Completed And Submitted Prior To The Closing Date In Order To Proceed To The Next Review Phase. 2.10.1 Data Classification For Awareness, The Type Of Data Involved In This Project Are ( Not Limited To Restricted/protected C. This Can Be Reviewed On The Goa Site. Do You Provide The Ability To Apply Different Data Or Information Classification Levels To Your Data Sets, And Are Different Levels Of Controls Available For Them Based On The Classification? If So Please Provide Detail For Different Processes Such As Security, Privacy Or Retention. 2.11 Technology Information Afsc’s Central Office Is Situated In Lacombe, Alberta Canada. With 2 Geographically Separated Data Centers Located In Edmonton Ab And Lacombe Ab, Afsc’s Enterprise Network Also Consists Of Branch Office Lans Dispersed Across Alberta, Canada. The Afsc Branch Office Lans Are Connected Via Vpn Tunnels Implemented In A Hub-and-spoke Architecture. These Vpns Run In Private Leased Mpls Clouds And Terminate On Head-ends Situated At Each Of The Data Centers Earlier Described. At A Very Simplified Level, Afsc Has About 38 Offices Across Alberta, With Social Media And Cloud Presence; It Also Has Just Under 700 Staff Providing Client, Administration And Technical Support. 2.12 Documentation Please Describe Your Final Penetration Results Report Structure; Requirements Response (yes/ No) Comments: Please State Your Justification For How Requirements Are Met Are These Components Included In The Final Report? • Introduction • Executive Summary • Technical Review • Detailed Findings • Testing Methodology • Screen Shots • Validation Of Compromise Will The Report Contain The Methodology Used Please Describe How You Prioritize Any Identified Vulnerabilities Or Security Weaknesses Do You Provide Recommendations For Remediation? Please Describe Please Provide A Sample Report For Each Of The Test Services Conducted (i.e. Penetration Testing, Etc.) 2.13 Additional Information Additional Requirements Comments: Please State Your Justification For How Requirements Are Met Description Of At Least Three (3) Engagements For Vulnerability Assessment, Penetration Testing / Red Teaming Exercise The Respondent Company Has Conducted Including A Statement Regarding The Type Of It Infrastructure And The Results For Each. A Detailed Recommended Approach Associated With An Assessment Of This Nature For The Scope Of Work Outlined Above. Project Plan That Contains The Elements Relative To The Vulnerability Assessment, Penetration Test And Red Teaming Exercise Conducted From A Location External To Afsc. What Activities Would Be Performed And How Those Activities Would Be Controlled So That Afsc Operations Are Not Interrupted. A Detailed Timeline Required To Complete Scope And Provide Deliverables As Outlined. Preferably In Electronic/paper Form That Contains A Project Plan With The Entire High Level Work Breakdown List. A Brief Description Of Each Project (vulnerability Assessment, Penetration Testing & Red Teaming Exercise) Plan Phase And Milestones And Also The Estimated Timelines For Each Phase And Milestone. The Methodology That Will Be Followed For Implementation Of Your Plan From Within Afsc And Outside Of Afsc (remote Location) Processing Environment. Include Any Unique Requirements Or Conditions. Description Of How The Respondent Company Stays Abreast With The Changing Governmental Regulations And Industry Guidelines For Cyber Security. In Protection Of The Afsc Confidential Information, The Respondent Company Is Expected To Describe How It; • Protects The Information Gathered During The Engagement From Both Internal And External Sources. • Stores Data Collected During Engagement. • Disposes Of Data Collected During Engagement. Please List And Describe All The Tools You Use For An Engagement Like This And Include If They Are Commercially Or In-house Developed. 2.14 Disclosure In The Interest Of Full Disclosure To All Vendors Wishing To Submit A Proposal, Please Note That Afsc Has Had A Previous Working Relationship With A Vendor Who May Submit A Proposal To This Competitive Bid.  In This Regard, Through The Normal Course Of Providing Prior Services To Afsc, It Is Likely That This Vendor Will Have Acquired Knowledge About Afsc, In Addition To Having Had Access To Information, Beyond What Has Been Included Within This Competitive Bid. The Nature Of The Services Provided By The Vendor To Afsc Includes Services That Are Similar, Or Identical, To The Services Described In The Statement Of Work. 2.15 Pricing Please Indicate That The Price Quoted Will Be Guaranteed Until Implementation. Afsc Is Requesting A Fixed Price Response For The Scope Of Work As Outlined In The Section Above In Canadian Dollars. Identify Any Other Administrative Fees Or Services Charges, And Indicate How You Will Be Invoicing In Detail. Please Provide Pricing For One Year Period. Vendors Must Also Identify Any Other Administrative Fees Or Service Charges, And Provide Details On Invoicing (which May Subject To Change Based On Afsc’s Requirements). Services / Solution Pricing Penetration Test (internal Pentest And External Pentest) 3rd Party Hosted Web Application. Price Should Be Provided For Four (4) Of Such Applications Annually Red Teaming Exercise Vulnerability Assessment G. S. T. Certification Clause This Is To Certify That The Services Ordered Or Purchased Are For The Use Of, And Are Being Purchased By Afsc With Crown Funds, And Are Therefore Not Subject To The Goods And Services And Harmonized Sales Tax. 3.0 Evaluation Evaluation Criteria The Competitive Bid Evaluation Criteria Will Be Distributed Within The Following Rating Categories. Evaluation Criteria Evaluation Category Weighting % Requirements • Network Penetration Testing • Web & Non-web Application Penetration Testing • Social Engineering Testing • Vulnerability Analysis And Exploitation • Red Teaming Exercise • Continuous Threat Exposure Management For This Criteria The Evaluation Committee Will Give Particular Reference To The Vendor’s Response To Section 2.5 25% Corporate Capability & Executive Summary • Demonstrate A Sound Understanding Of The Scope • Indicate Why The Vendor Considers Itself To Be A “right” Service Provider And What Key Strengths It Will Bring To Afsc In The Immediate And Long Term. For This Criteria The Evaluation Committee Will Give Particular Reference To The Vendor’s Response To Section 2.6 5% Resource Qualifications • Previous Projects/engagements Of Similar Nature That The Resource Or Team Lead Has Had • Skills, Experience, Qualification, Certifications And Accreditation. • Identify The Tasks And The Task Dependencies Involved In The Completion Of The Requested Services. • Evidence Of License To Conduct Pentest In Location. For This Criteria The Evaluation Committee Will Give Particular Reference To The Vendor’s Response To Section 2.7 20% Value Add • The Vendor May Describe Two (2) Significant Value Added Services Provided Relative To The Scope Of Work Provided To Other Clients Including The Vendor’s Commitment For Future Support. • The Proposal Should Contain A Description Of Value Added Services Provided By The Vendor And The Strategy That The Vendor Would Employ In Proposing A Similar Type Of Service To Afsc. The Proposal Must Clearly Outline If There Are Any Additional Cost For The Value Added Services. For This Criteria The Evaluation Committee Will Give Particular Reference To The Vendor’s Response To Section 2.8 10% Approach For This Criterion The Evaluation Committee Will Give Particular Reference To The Vendor’s Response To Section 2.9 5% Documentation For This Criterion The Evaluation Committee Will Give Particular Reference To The Vendor’s Response To Section 2.12 10% Additional Requirements For This Criterion The Evaluation Committee Will Give Particular Reference To The Vendor’s Response To Section 2.13 5% Pricing (can Be Removed And Scored Independently) 20% Each Evaluation Category And/or Sub-category Is Given A Weight As A Percentage To Reflect Its Relative Importance In The Evaluation. The Members Of The Evaluation Committee Consist Of Afsc Staff From The Product Lines Or A Part Of The Specified Project/area/department Requesting The Services. Proposals Will Be Evaluated And Scored Based On Quality Of Response To The Requirements Of This Rfp. Those Proposals That Score The Highest May Be Shortlisted To Participate In A Subsequent Interview/presentation/demo Process. The Written Portion Will Be Weighted At _60_% And The Interview/demo At _40_%. The Scores From The Proposals May Be Adjusted As Per The Clarifications Presented In The Interview. Selection Of The Preferred Vendor Will Be Based On The Highest Score. (if Applicable) Contract Negotiations May Be Completed Prior To Award And May Be Used As Part Of The Award Decision. Pre-screening Proposals May Be Subject To Pre-screening Based On Select Mandatory Criteria. (if Applicable)   4.0 Contract Review All Agreements Must Be Drafted (or Reviewed And Agreed To) By Afsc’s Legal Department. Previously Entered Into Agreements Between Afsc And The Successful Vendor Will Not Be Used As The Form Of Definitive Agreement For This Engagement. The Definitive Agreement That Is Entered Into Between The Vendor And Afsc Will Incorporate Afsc’s Terms Of Business Set Out At Appendix (b), As Well As Key Afsc Standards For Contracts, Which Are As Follows: • Termination For Convenience Upon Written Notice. • No Limitations Of Liability Or Monetary Caps Granted. • No Disclaimers Of Liability Granted. • No Indemnities Against Third Party Claims Granted (limited Exceptions). • Governing Law - Province Of Alberta, Country Of Canada. • Finite Term Of Contract - No Auto-renewals. If The Vendor Wishes To Propose Alternative Wording To The Terms Of Business Set Out At Appendix (b) Or Disagrees With The Above-listed Key Afsc Standards For Contracts, The Vendor Must Complete And Submit Appendix (c) (alternate Wording – Additional Clause Template) Clearly Citing The Suggested Variations. ***note That Afsc Has The Sole Discretion To Consider Whether Wording Changes Or Alternate Clauses Will Be Considered For Negotiation Purposes And/or Incorporated Into The Definitive Agreement. The Extent And Materiality Of Any Requested Changes/deviations From The Terms Of Business Or Key Afsc Standards For Contracts By The Vendor May Impact The Vendor’s Overall Rating When The Proposal Is Evaluated. By Submitting A Proposal Without A Completed Appendix (c) Attached Thereto, Vendors Are Deemed To Accept The Terms Of Business As Set Out At Appendix (b), As Well As The Above-listed Key Afsc Standards For Contracts As A Condition Of Submitting A Proposal. A Vendor’s Acceptance Of The Terms Of Business And Key Afsc Standards For Contracts May Have A Positive Bearing On The Vendor’s Overall Score. As Part Of The Vendor’s Proposal, Afsc Requires The Vendor To Submit The Vendor’s Typical Form Of Agreement Generally Used With Customers. ***afsc May Or May Not Choose To Use The Vendor’s Typical Form Of Agreement As The Basis Of The Definitive Agreement Between Afsc And The Vendor. Even If Afsc Opts To Use The Vendor’s Typical Form Of Agreement As A Foundation For The Definitive Agreement, As Stated Above, The Final Version Of The Definitive Agreement Will Incorporate Afsc’s Terms Of Business Set Out At Appendix (b), As Well As Key Afsc Standards For Contracts. ***note That Afsc Has The Discretion To Amend The Wording Of The Terms Of Business As Set Out At Appendix (b) When Incorporating Into The Definitive Agreement And, To The Extent That There Is Any Inconsistency Between The Terms Of Business And The Definitive Agreement, The Definitive Agreement Shall Take Precedence. No Work Will Commence In Relation To This Competitive Bid Until A Fully Executed Definitive Agreement Is In Place Between Afsc And The Vendor. Failure To Comply With This Requirement Will Result In Non-payment Of Any Activities Performed Prior To The Execution Of The Definitive Agreement. 4.1 Negotiations Afsc May Require Selected Vendor(s) To Participate In Negotiations And To Submit Revisions To Pricing, Technical Information, Agreements And Any Other Items In Any Proposal That May Result From Negotiations. If Negotiations Do Not Result In Modification Of The Agreement(s) That Is Acceptable To Afsc, The Proposal May Be Rejected. 5.0 Master Schedule The Master Schedule Of Competitive Bid Related Events Is Set Out In The Table Below And Is Governed By The Following Principles: A) In The Event That Any Dates Elsewhere In This Competitive Bid Conflict With A Date Set Out In This Table, The Date Set Out In This Table Shall Prevail; B) All Times Listed Are Based On Mountain Standard Time (mst); C) Afsc Reserves The Right To Adjust The Dates Of The Schedule If Required Through An Addendum Process. # Event Scheduled Date/time 1 Afsc To Accept E-mail Inquiries Relevant To This Competitive Bid. Vendor(s) Must Use The Q & A Template Provided As Appendix (a) And Submit Through Rfp@afsc.ca. March 12, 2024 2 Final Receipt Of Proposals. (closing Date) March 26, 2024 @ 1:00 Pm 3 Evaluation Of Competitive Bid Written Proposals. Afsc In Its Discretion May Extend This Time. March 27, 2024 To April 4, 2024 4 Interviews Or Presentations For Short-listed Vendors. Afsc In Its Discretion May Change This Date. Week Of April 15, 2024 5 Afsc To Perform Reference Checks On Shortlisted Vendors. Afsc In Its Discretion May Change This Date. Week Of April 15, 2024 6 Final Evaluation And Notification Of Award Of Contract. Afsc In Its Discretion May Change This Date. Week Of April 22, 2024 7 Target Commencement Date Afsc In Its Discretion May Change This Date. May 15, 2024 6.0 Proposal Submission Guidelines 6.1 Proposal Format To Facilitate Ease Of Evaluation By The Evaluation Team, And To Ensure Each Proposal Receives Full Consideration, Proposals Should Be Organized In The Following Format Using The Section Titles And Sequence Listed Below: Table Of Contents; A) Pre-screening Requirements (optional) B) Proposal To Statement Of Work (2.0); Including Legal And Contact Information: • The Full Legal Name Of The Vendor. • The Location Of The Vendor’s Head Office And Service Centers. • A Vendor Contact For All Questions And Clarifications Arising From The Proposal. • Vendor Contact Authorized To Participate In Contract Finalizations. References • The Proposal Should Include Three (3) References Including, But Not Limited To Organization, Address, Contact Name, Telephone Number And Email Address. • References Should Include Organizations That Can Verify The Satisfactory Provision, Performance And Or/servicing Of Goods And Associated Services The Name As, Or Similar To The Requirements Of This Competitive Bids, The Corporate Purchasing Section May Contact References In Addition To Those Provided In The Proposal. • References May Be Conducted To Validate Information Provided In The Vendor’s Proposal • It Is Expected That The Vendor(s) Will Be Able To Arrange For Afsc To Contact The Reference During The Evaluation Period. • Government And Agencies, References Would Be Preferred If Available. (optional) Additional Information • Additional Information May Be Included At The Vendor’s Discretion, But This Must Not Detract From The Ability Of Afsc To Easily Reference Information For Evaluation Purposes. Assumptions • Vendor Is Expected To Identify In Detail Any Assumptions That Have Been Made During The Creation Of Their Written Proposal To The Scope Identified. C) Alternate Wording Template (appendix C) D) Vendor’s Agreement Template E) Proof Of Wcb And Insurance F) Proof Of Corporate Registry G) Financial Requirements (optional) H) Vendor’s Ethics Policy (optional) The Vendor Should Have An Ethics Policy That Guides Their Organization In All Its Business Activities And Should Provide A Copy Of This Ethical Policy As An Attachment To Their Proposal. This Policy Will Not Form Part Of The Evaluation. Appendices The Following Appendices Are Included And Applicable To This Competitive Bid: Appendix A: Question And Answer Template Appendix B: Terms Of Business Appendix C: Alternate Wording-additional Clause Template Appendix D: Information Security Privacy Cloud Assessment Form Appendix E: Letter Of Submission Revised 2023 Responsive Proposals Should Provide Straightforward, Concise Information That Satisfies The Requirements Noted In The Proposal Guidelines Section Of This Rfp. Emphasis Should Be Placed On Conformity To Afsc’s Instructions, Requirements Of This Rfp, And Completeness And Clarity Of Content. Ambiguous, Repetitive, Unclear Or Unreadable Proposals May Be Cause For Rejection. 6.2 Proposal Submissions Vendors Must Provide An Electronic Version Of Their Proposal By E-mail To Rfp@afsc.ca Prior To The Closing Date And Time Of This Competitive Bid. (optional) Buyer May Request That A Hard Copy Is Submitted. Electronic Versions (emails) Must Be Less Than 18 Mb In Order For Afsc To Receive The Vendor’s Submission. If The Proposal Is Larger Than 18 Mb, It Must Be Divided Into A Sufficient Number Of Files Such That Each Email, Including Attachments, Is Less Than 18 Mb. Afsc Cannot Accept Files On Media Storage Devices. (optional) All Hard Copy Proposal Materials Are To Be Sealed In A Single Package And Clearly Labelled With The Competitive Bid # To: Attention: Buyer, Business Services Afsc 5718 – 56th Avenue Lacombe, Ab T4l 1b1 In Responding To This Competitive Bid, Your Attention Is Drawn To The Following: • Proposals Received After This Competitive Bid’s Closing Date And Time Will Be Rejected. • Proposals Received Not In The Order Outlined Above In Section 6.1 May Not Be Evaluated Further. Vendors By Submitting A Proposal Are Deemed To Have Accepted The Competitive Bid Terms And Conditions.

Details: This Solicitation Is Cancelled. The Requirement Will Be Revised And Re-solicited.  description This Is A Combined Synopsis/solicitation For Commercial Products And Commercial Services Prepared In Accordance With The Format In Federal Acquisition Regulation (far) Subpart 12.6, Streamlined Procedures For Evaluation And Solicitation For Commercial Products And Commercial Services, As Supplemented With Additional Information Included In This Notice. This Announcement Constitutes The Only Solicitation; Quotes Are Being Requested, And A Written Solicitation Document Will Not Be Issued. This Solicitation Is Issued As An Rfq. The Solicitation Document And Incorporated Provisions And Clauses Are Those In Effect Through Federal Acquisition Circular 2023-05. This Solicitation Is Set-aside For Service Disabled Veteran Owned Small Businesses (sdvosb). Vendors Must Be Registered In Sam And Vetcert Before They Submit Their Quote Or They Will Not Be Considered. The Associated North American Industrial Classification System (naics) Code For This Procurement Is 624230, With A Small Business Size Standard Of $41.5 Million. The Fsc/psc Is X1gz. Schedule Of Services Base Period: December 1, 2023 November 30, 2024 Item # Clin Medical Cache Services Qty Monthly Price Extended Amount 1 Clin 0001 Storage Of Government Property Medical Cache 12 â  â  2 Clin 0002 Training 12 â  â  3 Clin 0003 Mobilization Of Cache 12 â  â  4 Clin 0004 Consumables And Equipment Replenishment 12 â  â  Total For Base Year $ - Option Year 1: December 1, 2024 - November 30, 2025 Item # Clin Medical Cache Services Qty Monthly Price Extended Amount 1 Clin 1001 Storage Of Government Property Medical Cache 12 â  â  2 Clin 1002 Training 12 â  â  3 Clin 1003 Mobilization Of Cache 12 â  â  4 Clin 1004 Consumables And Equipment Replenishment 12 â  â  Total For Option Year 1 $ - Option Year 2: December 1, 2025 - November 30, 2026 Item # Clin Medical Cache Services Qty Monthly Price Extended Amount 1 Clin 2001 Storage Of Government Property Medical Cache 12 â  â  2 Clin 2002 Training 12 â  â  3 Clin 2003 Mobilization Of Cache 12 â  â  4 Clin 2004 Consumables And Equipment Replenishment 12 â  â  Total For Option Year 2 $ - Option Year 3: December 1, 2025 - November 30, 2026 Item # Clin Medical Cache Services Qty Monthly Price Extended Amount 1 Clin 3001 Storage Of Government Property Medical Cache 12 â  â  2 Clin 3002 Training 12 â  â  3 Clin 3003 Mobilization Of Cache 12 â  â  4 Clin 3004 Consumables And Equipment Replenishment 12 â  â  Total For Option Year 3 $ - Option Year 4: December 1, 2025 - November 30, 2026 Item # Clin Medical Cache Services Qty Monthly Price Extended Amount 1 Clin 4001 Storage Of Government Property Medical Cache 12 â  â  2 Clin 4002 Training 12 â  â  3 Clin 4003 Mobilization Of Cache 12 â  â  4 Clin 4004 Consumables And Equipment Replenishment 12 â  â  Total For Option Year 4 $ - Va Federal Coordinating Center Patient Reception Team Cache General Information Title Of Project: Va Fcc Medical Cache Maintenance & Storage/echcs Emergency Cache Storage Only Scope Of Work: Contractor Shall Store And Maintain All Items In The Federal Coordinating Center (fcc) Medical Cache That Is Needed For Emergency Response To Medical Disasters. This Includes But Not Limited To; Replacing Iv Solutions That Have Expired, Replenish Items And Equipment As Necessary From Use. All Items In The Fcc Medical Caches Are Owned By The Department Of Veterans Affairs, Eastern Colorado Health Care System (echcs). The Fcc Medical Cache Shall Be Available At All Times For Emergency Response. Storage Only, No Maintenance Of The Echcs Emergency Cache. Background: The Department Of Veterans Affairs, Echcs Is The Host Federal Agency For The National Disaster Medical System. The National Disaster Medical System (ndms) Is Managed By The Department Of Homeland Security And May Be Activated In Times Of Federally Declared National And International Emergencies To Coordinate Medical Care Of Evacuees From The Emergency Area To An Assigned Area. The Echcs Is Dedicated As The Federal Coordinating Center (fcc) And Coordinates The Federal Disaster Response Emergencies And Exercises For The Region With The Local Medical Facilities. This A Mass Casualty Emergency Or Exercise That Will Simulate The Receiving, Triage, And Transport Of More Than 150 Patients To 11 Metro-area Hospitals Via Eight Ground Ambulances And Ten Helicopters Over The Course Of Six Hours. General Requirements: The Contractor Shall Identify And Purchase (upon Approval Of Cache List) Fcc Medical Equipment And Supplies To Provide The Va Patient Reception Team A Separate And Independent Cache To Work From During Ndms Patient Movement Evolutions. Fcc Cache Will Be In-service Within 1 Months Of Contract Approval. The Contractor Shall Provide Space For Storage Of Va Patient Reception Team (prt) Fcc Cache That Meets The Following Requirements: Local To The Denver Metropolitan Area Climate Controlled Monitored Security Rapid Access Within A 10-mile Radius Of Denver International Airport The Contractor Shall Maintain The Va-prt Fcc Cache In A Ready To Respond State. This Maintenance Will Include: Battery Rotation And Conditioning Inventory Management Rotation Of Expired Stock The Contractor Shall Ensure Delivery Of Fcc Cache To A Specified Location Within Fema Region Viii. In The Event Of Fcc Prt Activation, Pick-up Of Cache Will Happen Within 4 Hours Of Notice By Va-prt. For Exercises Or Training Events Delivery Of The Cache Will Be Done In Accordance With The Objectives Of The Exercise Or Training. The Contractor Shall Participate In A Functional Exercise That Will Have The Following Objectives As A Minimum: Activation Of The Va-prt Delivery Of The Va-prt Fcc Cache To A Specified Location Assess The Va-prt S Ability To Identify, Organize, And Manage The Personnel And Resources Needed To Effectively Carry Out A Patient Reception Event. Setup Of A Staging, Triage, Treatment, Transportation, And Patient Tracking Groups. These Groups Will Be Comprised Of Various Local Resources Engage Local Responders And Hospitals, Patients Will Be Transported To Local Hospitals By Air And Ground Resources As Necessary. The Contractor Shall Provide A Secure Website For Access To The Cache Inventory The Contractor Shall Assist With Training The Va Patient Reception Team Two (2) Times A Year. This Training Will Include: Accessing The Va-prt Fcc Cache Medical Equipment Overview And Familiarization Policy And Procedure Questions The Contractor Shall Have Minimum Of Five Years Of Experience For Storage And Maintenance Of Medical Cache. The Contractor Staff Shall Have Medical Training To Ensure That The Va Patient Reception Team (va-prt) Fcc Cache Is Maintained In A Ready To Respond State At All Times. The Contractor Shall Be Responsible For Government Furnished Equipment That Is Provided For Storage And Maintenance In The Medical Cache. Hours Of Coverage: Normal Hours Of Coverage Are Monday Through Friday From 8:00 A.m. To 5:00 P.m., Excluding The Federal Holidays Listed As Follows: Federal Holidays: New Year S Day Dr. Martin Luther King Jr S Birthday Presidents Day Memorial Day Juneteenth Independence Day Labor Day Columbus Day Veteran S Day Thanksgiving Day Christmas Day Any Other Day Specifically Declared A National Holiday By The President Of The United States. When One Of The Above Designated Legal Holidays Falls On A Sunday, The Following Monday Will Be Observed As A Legal Holiday. When A Legal Holiday Falls On A Saturday, The Preceding Friday Is Observed As A Holiday By Us Government Agencies. Fcc Emergency Hours Of Coverage: The Government Will Have The Authority To Activate The Fcc Medical Cache In A National Emergency Within 2 Hours Of The Governments Notification To Contractor To Deploy. Fcc Government Furnished Property Inventory List Trifold -7 Cart Item Description Qty U/m Tri-fold-7 60-0001 Litters 20 Ea Tri-fold-7 60-0008 Iv Poles 20 Ea Tri-fold-7 Delineator Post Delineator Post 12 Ea Tri-fold-7 12# Base Base For Post 12 Ea Tri-fold-7 Lanyards Lanyards 400 Ea Rubbermaid-9 Cart Item Description Qty U/m Rubbermaid-9 Is-8303sa Small Sharps 10 Ea Rubbermaid-9 Al-881a Sani-cloth Wipes 6 Bx Rubbermaid-9 Is-shut Sharps Shuttle 24 Ea Rubbermaid-9 3m 1860 N-95 Mask 4 Bx/20 Rubbermaid-9 Mds195184 Glove-sm 4 Bx Rubbermaid-9 Mds195185 Glove-med 4 Bx Rubbermaid-9 Mds195186 Glove-lrg 4 Bx Rubbermaid-9 Mds195187 Glove-xlrg 4 Bx Rubbermaid-9 Og-888-02 Regulator 2 Ea Rubbermaid-9 Is-5488 Sharps-krg. 4 Ea Rubbermaid-9 Ic-1507 Infectious Control Kit 16 Ea Treatment-green Cart Item Description Qty U/m Rubbermaid-9 Is-8303sa Small Sharps 10 Ea Rubbermaid-9 Al-881a Sani-cloth Wipes 6 Bx Rubbermaid-9 Is-shut Sharps Shuttle 24 Ea Rubbermaid-9 3m 1860 N-95 Mask 4 Bx/20 Rubbermaid-9 Mds195184 Glove-sm 4 Bx Rubbermaid-9 Mds195185 Glove-med 4 Bx Rubbermaid-9 Mds195186 Glove-lrg 4 Bx Rubbermaid-9 Mds195187 Glove-xlrg 4 Bx Rubbermaid-9 Og-888-02 Regulator 2 Ea Rubbermaid-9 Is-5488 Sharps-krg. 4 Ea Rubbermaid-9 Ic-1507 Infectious Control Kit 16 Ea Treatment-red-yellow Cart Item Description Qty U/m Treatment Red-yellow Sg-2020s-blu Blood Presure Kit 2 Ea Treatment Red-yellow St-2290 Stethoscope 2 Ea Treatment Red-yellow In001-blk Utility Scissors 1 Ea Treatment Red-yellow Pl-1008 Penlight 2 Ea Treatment Red-yellow Po8500a Pulse Ox 1 Ea Treatment Red-yellow Gu10019 Accu-chek Glucomrter 1 Ea Treatment Red-yellow Th-4000 Thermoscan 1 Ea Treatment Red-yellow Th5075 Probe Covers 1 Bx Treatment Red-yellow Tx-wheel Pedi-wheel 1 Ea Treatment Red-yellow Tx-critical Pocket Guide 1 Ea Treatment Red-yellow Ba6715 Kerlix 2 Ea Treatment Red-yellow Bj848 4x4 Pads 20 Ea Treatment Red-yellow Di-444 Heet-pak 1 Ea Treatment Red-yellow Di-688 Cold-pak 1 Ea Treatment Red-yellow Be-2 Coban 2" 1 Rl Treatment Red-yellow Ba-415 Xeroform 2 Ea Treatment Red-yellow Om-20039 Saline Bullets 7 Ea Treatment Red-yellow Sl-7122 Sodium Chloride,250ml 2 Bt Treatment Red-yellow Ta-7827-1 Transpore 1" 2 Rl Treatment Red-yellow Ta-7827-2 Transpore 2" 2 Rl Treatment Red-yellow Ta-5104 Zonas Tape 1" 2 Rl Treatment Red-yellow Ta-5106 Zonas Tape 2" 2 Rl Treatment Red-yellow Bs7303a Emergency Blanket 1 Ea Treatment Red-yellow Mds195184 Glove-sm 1 Bx Treatment Red-yellow Mds195185 Glove-med 1 Bx Treatment Red-yellow Mds195186 Glove-lrg 1 Bx Treatment Red-yellow Mds195187 Glove-xlrg 1 Bx Treatment Red-yellow Iv4173-15 Primary Iv Set 2 Ea Treatment Red-yellow Iv-001 Inject Site 2 Ea Treatment Red-yellow Iv-8042 Ext Set 2 Ea Treatment Red-yellow It-6150 Iv Start Pak 6 Ea Treatment Red-yellow It-18ga 18 Ga. Needle 5 Ea Treatment Red-yellow It21ga 21 Ga. Needle 5 Ea Treatment Red-yellow It23ga 23 Ga. Needle 5 Ea Treatment Red-yellow It3ccll 3cc Syringe 2 Ea Treatment Red-yellow It5ccll 5cc Syringe 2 Ea Treatment Red-yellow It10ccll 10cc Syringe 2 Ea Treatment Red-yellow It-1709 Iv Cath 14ga 5 Ea Treatment Red-yellow It-1707 Iv Cath 16ga 5 Ea Treatment Red Yellow It-1705 Iv Cath 18ga 5 Ea Treatment Red-yellow It-1703 Iv Cath 20ga 5 Ea Treatment Red-yellow It-1701 Iv Cath 22ga 5 Ea Treatment Red-yellow Is-5488 Sharps Colector 3.3 Qt 1 Ea Chairs From Roger Rewerts At Denver Va Va Denver â  18 Tables From Roger Rewerts At Denver Va Va Denver â  6 Wheelchairs From Roger Rewerts At Denver Va Va Denver â  20 Iv Poles For Wheelchairs From Roger Denver Va Va Denver â  10 Cart Item Description Qty U/m Office Supplies 181594 Pens-black 4 Dz Office Supplies 729036 Pens-red 4 Dz Office Supplies 181578 Pens-blue 4 Dz Office Supplies 203349 Sharpie-black 4 Dz Office Supplies 128844 Highlighter Yellow 2 Dz Office Supplies 107580 Pencil 48 Ea Office Supplies 588290 Pencil Sharpener 2 Ea Office Supplies 275714 Stapler 3 Ea Office Supplies 221051 Staples 1 Pk Office Supplies 255722 3-hole Punch 1 Ea Office Supplies 375667 Scissors 4 Ea Office Supplies 221784 Paper Clips 1 Pk Office Supplies 615303 Binder Slips 4 Pk Office Supplies 173336 Tape Dispenser 4 Ea Office Supplies 575341 Invisible Tape 1 Pk Office Supplies 965232 White Out Tape 10 Ea Office Supplies 432479 Post-it Pads 12 Ea Office Supplies 553800 Dry Erase Set 1 Ea Office Supplies 305466 Writing Pad 12 Ea Office Supplies 810838 Manila File Folder 50 Ea Office Supplies 526076 Clipboard W/stor 10 Ea Office Supplies 348037 Copy Paper 4 Rm Office Supplies 848808 13 Gl. Trash Bags 100 Ea Office Supplies 348037 Copy Paper 6 Rm Cart Item Description Qty U/m Crash 1,2 Is-5488 Sharps Colector 3.3 Qt 1 Ea Crash 1,2 Ok-2100 Suction Unit 1 Ea Crash 1,2 Lp1212 Life-pak Unit 1 Ea Crash 1,2 Th-5075 Probe Covers 1 Bx Crash 1,2 In-001-blk Utility Scissors 1 Ea Crash 1,2 In-920 Ring Cutter 1 Ea Crash 1,2 Pl-1008 Pen Light 2 Ea Crash 1,2 St-2290 Stethoscope 1 Ea Crash 1,2 Sg2020s-blu Blood Presure Kit 1 Ea Crash 1,2 Gu-40019 Accu-chek Glucomrter 1 Ea Crash 1,2 Tx-critical Pocket Guide 1 Ea Crash 1,2 Tx-wheel Pedi-wheel 1 Ea Crash 1,2 Th-4000 Thermoscan 1 Ea Crash 1,2 11996-000081 Filterline Set 2 Ea Crash 1,2 0488-1952 Adult Co2 Sample Set 2 Ea Crash 1,2 Mds195184 Glove-sm 1 Bx Crash 1,2 Mds195185 Glove-med 1 Bx Crash 1,2 Mds195186 Glove-lrg 1 Bx Crash 1,2 Mds195187 Glove-xlrg 1 Bx Crash 1,2 It-6150 Iv Start Pak 6 Ea Crash 1,2 Iv-001 Inject Site 2 Ea Crash 1,2 Iv-8042 Ext Set 2 Ea Crash 1,2 Iv-4173-15 Primary Iv Set 2 Ea Crash 1,2 It-1709 Iv Cath 14ga 5 Ea Crash 1,2 It-1707 Iv Cath 16ga 5 Ea Crash 1,2 It-1705 Iv Cath 18ga 5 Ea Crash 1,2 It-1703 Iv Cath 20ga 5 Ea Crash 1,2 It-1701 Iv Cath 22ga 5 Ea Crash 1,2 It3ccll 3cc Syringe 4 Ea Crash 1,2 It5ccll 5cc Syringe 4 Ea Crash 1,2 It10ccll 10cc Syringe 4 Ea Crash 1,2 It18ga 18 Ga. Needle 5 Ea Crash 1,2 It21ga 21 Ga. Needle 5 Ea Crash 1,2 It23ga 23 Ga. Needle 5 Ea Crash 1,2 Ic-90 Procedure Mask 1 Bx Crash 1,2 In-374 Magil Forcep Child 1 Ea Crash 1,2 In-675 Magil Forcep Adult 1 Ea Crash 1,2 Ab-300k Nasopharyngeal Airway Kit 1 Ea Crash 1,2 Aa-25 Guedel Airway Kit 1 Ea Crash 1,2 Om-7100 Bag Mask Adult 1 Ea Crash 1,2 Om-7200 Bag Mask Pedi 1 Ea Crash 1,2 Om-7300 Bag Mask Infant 1 Ea Crash 1,2 Oh-5013 Suction Handle W/tubing 1 Ea Crash 1,2 Ac-125 Et Tube Holder 2 Ea Crash 1,2 Ok-0101 Menconium Aspirator 1 Ea Crash 1,2 Ly1f Laryngo Handle Med. 1 Ea Crash 1,2 Ly2f Laryngo Handle Sm. 1 Ea Crash 1,2 Ly71f Blade Mac 1 1 Ea Crash 1,2 Ly72f Blade Mac 2 1 Ea Crash 1,2 Ly73f Blade Mac 3 1 Ea Crash 1,2 Ly74f Blade Mac 4 1 Ea Crash 1,2 Ly80f Blade Miller 0 1 Ea Crash 1,2 Ly81f Blade Miller 1 1 Ea Crash 1,2 Ly82f Blade Miller 2 1 Ea Crash 1,2 Ly83f Blade Miller 3 1 Ea Crash 1,2 Ly84f Blade Miller 4 1 Ea Crash 1,2 1920 Cannula 1 Ea Crash 1,2 Om-2438 Nebulizer 1 Ea Crash 1,2 Om-1058 Pedi-o2 Mask 1 Ea Crash 1,2 Ba-5 Triangular Bandage 2 Ea Crash 1,2 Be-2 Coban 2" 1 Ea Crash 1,2 Sl-7122 Sodium Chloride,250ml 2 Ea Crash 1,2 Bj-848 4x4 Pads 1 Bx Crash 1,2 Ba-6715 Kerlix 5 Ea Crash 1,2 Non246074p Limb Holder 6 Ea Crash 1,2 Ba-7020 Bandages 1 Bx Crash 1,2 Bs-7303a Emergency Blanket 1 Ea Crash 1,2 Md-63 Glucose 1 Ea Crash 1,2 Di-444 Heat-pak 2 Ea Crash 1,2 Di-688 Cold-pak 3 Ea Crash 1,2 Ta-5104 Zonas Tape 1" 2 Rl Crash 1,2 Ta-5106 Zonas Tape 2" 2 Rl Crash 1,2 Ta-7827-1 Transpore 1" 2 Rl Crash 1,2 Ta-7827-2 Transpore 2" 2 Rl Crash 1,2 Ba-415 Xeroform 2 Ea Crash 1,2 Os-01jt Oxygen Cylinder 1 Ea Crash 1,2 Og-888-02 O2 Regulator 1 Ea Crash 1,2 3m 1860 N-95 Mask 1 Bx Crash 1,2 Is-5488 Sharps Colector 3.3 Qt 1 Ea Crash 1,2 El-533 Electrode,meditrace 1 Bx Crash 1,2 Ic-1507 Infect Control Kit 2 Ea Cart Item Description Qty U/m Rubbermaid-8 Om-2438 Nebulizer 37 Ea Rubbermaid-8 Huds 1920 Nasal Cannula 96 Ea Rubbermaid-8 Om-1058 Pedi-mask W/resv 78 Ea Cart Item Description Qty U/m Rubbermaid-7 Iv-4173-15 Primary Iv Set 57 Ea Rubbermaid-7 Al-1 Alcohol Preps 2 Bx Rubbermaid-7 Cx-900p Stif-neck-pedi 2 Ea Rubbermaid-7 0814-9357 Stif-neck-adult 4 Ea Rubbermaid-7 Ta-2104 Zonas Tape 1" 12 Rl Rubbermaid-7 Ta-7827-1 Transpore 1" 12 Rl Rubbermaid-7 Id-1060 Pull-lock 1 Pk/250 Rubbermaid-7 El1310-p Meditrace 1310 6 Pk Rubbermaid-7 16293 Life-pak Paper 5 Rl Rubbermaid-7 El-533 Meditrace 533 1 Bx Rubbermaid-7 Om-20039 Addi-pak 1 Bx Rubbermaid-7 0488-1952 Co2 Cunnula 6 Ea Rubbermaid-7 Sl-7122 Sodium Chloride,250ml 8 Bt Rubbermaid-7 Ivv-16d Thoracentesis Kit 2 Ea Cart Item Description Qty U/m Rubbermaid-6 It-6150 Iv Start Pak 7 Bx/25 Rubbermaid-6 It-100 Atomization Device 1 Ea Rubbermaid-6 Iv-001 Injection Site 42 Ea Rubbermaid-6 It18ga 18 Ga. Needle 80 Ea Rubbermaid-6 It21ga 21 Ga. Needle 80 Ea Rubbermaid-6 It23ga 23 Ga. Needle 80 Ea Rubbermaid-6 It3ccll 3cc Syringe 92 Ea Rubbermaid-6 It5ccll 5cc Syringe 92 Ea Rubbermaid-6 It10ccll 10cc Syringe 92 Ea Rubbermaid-6 It-1709 Iv Cath 14ga 30 Ea Rubbermaid-6 It-1707 Iv Cath 16ga 30 Ea Rubbermaid-6 It-1705 Iv Cath 18ga 30 Ea Rubbermaid-6 It-1703 Iv Cath 20ga 30 Ea Rubbermaid-6 It-1701 Iv Cath 22ga 30 Ea Rubbermaid-6 Iv-8042 Ext Set 32 Ea Cart Item Description Qty Rubbermaid-5 Ab300k Naso Airway Kit 8 Rubbermaid-5 Aa25 Guedel Airway Kit 8 Rubbermaid-5 Om-7300 Infant Resuscitator 2 Rubbermaid-5 Om-7200 Pedi Resuscitator 4 Rubbermaid-5 Om-7100 Adult Resuscitator 9 Rubbermaid-5 Ac-125 Et Tube Holder 6 Rubbermaid-5 Ae-525 Flexiset,uncuffed 2.5 Mm 6 Rubbermaid-5 Ae-530 Flexiset,uncuffed 3.0 Mm 6 Rubbermaid-5 Ae-535 Flexiset,uncuffed 3.5 Mm 6 Rubbermaid-5 Ae-540 Flexiset,uncuffed 4.0 Mm 6 Rubbermaid-5 Ae-545 Flexiset,uncuffed 4.5 Mm 6 Rubbermaid-5 Ae-550 Flexiset,uncuffed 5.0 Mm 6 Rubbermaid-5 Ae-755 Flexiset-cuffed 5.5 Mm 6 Rubbermaid-5 Ae-760 Flexiset-cuffed 6.0 Mm 6 Rubbermaid-5 Ae-765 Flexiset-cuffed 6.5 Mm 6 Rubbermaid-5 Ae-770 Flexiset-cuffed 7.0 Mm 6 Rubbermaid-5 Ae-775 Flexiset-cuffed 7.5 Mm 6 Rubbermaid-5 Ae-780 Flexiset-cuffed 8.0 Mm 6 Rubbermaid-5 Ae-785 Flexiset-cuffed 8.5 Mm 6 Rubbermaid-5 Ae-790 Flexiset-cuffed 9.0 Mm 6 Rubbermaid-5 Oh-5013 Yankauer Suct. Set 2 Rubbermaid-5 33593 Poise Pads, Lrg 1 Rubbermaid-5 31738 Training Pants, 3t-4t 1 Rubbermaid-5 26242 Pampers 1, 8-14 Lbs 1 Rubbermaid-5 26247 Pampers 3, 16-28 Lbs 1 Rubbermaid-5 26251 Pampers 5, 27+ Lbs 1 Cart Item Description Qty U/m Rubbermaid 4 Pa-60 Bed Pan 20 Ea Rubbermaid 4 Pa-59 Urinal 20 Ea Rubbermaid 4 Pa-57 Emesis Basin 50 Ea Cart Item Description Qty U/m Rubbermaid-3 Ba6715 Kerlix 34 Ea Rubbermaid-3 Di-444 Heet-pak 13 Ea Rubbermaid-3 Di-688 Cold-pak 21 Ea Rubbermaid-3 Bj848 4x4 Pads 8 Bx Rubbermaid-3 Bs7303a Emergency Blanket 15 Ea Rubbermaid-3 Be-2 Coban 2" 4 Rl Rubbermaid-3 In001-blk Utility Scissors 1 Ea Rubbermaid-3 Ba-5 Triangular Bndg. 12 Ea Rubbermaid-3 Ba-415 Xeroform 2 Ea Rubbermaid-3 Is-shut Sharps Shuttle 16 Ea Cart Item Description Qty U/m Rubbermaid-2 Lp1212bipsbca Life-pak 12 2 Ea Rubbermaid-2 Ok-2100 Suction Unit 2 Ea Cart Item Description Qty U/m Rubbermaid-1 59826 Power Strip 4 Ea Rubbermaid-1 293556 Gorilla Tape 4 Rl Rubbermaid-1 1ec16 Tape Holder 3 Ea Rubbermaid-1 59226 Power Cord-15ft. 4 Ea Rubbermaid-1 67864 Power Cord-25ft. 4 Ea Rubbermaid-1 67439 Power Cord-50ft. 2 Ea Rubbermaid-1 82455 Power Cord-100ft. 3 Ea Rubbermaid-1 9bn-125501 Mega-phone 1 Ea Cart Item Description Qty U/m Trifold-8 Sh11c Folding Cot 30 Ea Trifold-8 Earplugs Earplugs 400 Ea Trifold-8 Reflective Belts Neon Green Belts 50 Ea Trifold-8 Wristbands Blue,green,yellow,orange 500 Ea Trifold-8 Non24777a Safety Glasses,lrg 60 Ea Trifold-8 Dms-05834 Vest,blue 8 Ea Trifold-8 Dms-05835 Vest,green 13 Ea Trifold-8 Dms-05838 Vest,black 11 Ea Trifold-8 Dms-05831 Vest,red 6 Ea Trifold-8 Dms-05832 Vest,white 8 Ea Trifold-8 Dms-05833 Vest,yellow 8 Ea Trifold-8 Dms-05836 Vest,orange 10 Ea Trifold-8 â  Ndms Fcc Vest 14 Ea Trifold-8 5023-72 Blue Suede Leather Gloves,lrg 42 Pr Cart Item Description Qty U/m Trifold-10 Triage Area Stand Triage Area Tape Stand 75 Ea Trifold-10 119287 1st. Priority Tape Red 1 Rl Trifold-10 119288 2nd. Priority Tape Yellow 1 Rl Trifold-10 119289 3rd. Priority Tape Green 1 Rl Trifold-10 Bt-2m-3-500-pin Pink Barracade Tape 2 Rl Trifold-10 1n956 Do Not Enter Tape 3 Rl Trifold-10 Sand Bag Sand Bag 65 Ea Trifold-10 Pink Triage Flag Pink Triage Flag 1 Ea Trifold-10 Yellow Triage Flag Yellow Triage Flag 1 Ea Trifold-10 Red Triage Lfag Red Triage Lfag 1 Ea Trifold-10 Green Triage Flag Green Triage Flag 1 Ea Trifold-10 100ft Measuring Tape 100ft Measuring Tape 1 Ea Cart Item Description Qty U/m Storm 4 Aah73wcf9na5an Dtr650,1watt,10ch,900mhz,two Way Radio 10 Ea Storm 4 Bdn6773a Headset,sngl Spkr For Two Way Radios 10 Ea Storm 4 Rpm4035a Battery Charger For Two Way Radios 10 Ea Storm 4 Snn5708b Battery 3.6 Lithium 10 Ea Cart Item Description Qty U/m Storm-3 â  Life-pak 1212 Charger 1 Ea Storm-3 â  Printer 1 Ea Storm-3 â  Power Cord For Charger 1 Ea Storm-3 â  Power Cord For Printer 1 Ea Storm-3 â  Data Cord For Printer 1 Ea Cart Item Description Qty U/m Storm-2 224-8070 Lap Top Computer 3 Ea Storm-2 3800g14 Handheld Barcode Scanner 1 Ea Storm-2 A2866576 Router 1 Ea Storm-2 330-9456 Mice For Lap -top 3 Ea Storm-2 â  Power Cord For Lap-top 3 Ea Cart Item Description Qty U/m Storm-1 â  Motorola Barcode Scanner 10 Ea Storm-1 â  Battery Charger 3 Ea Storm-1 â  Docking Station For Scanners 1 Ea Storm-1 â  Batteries For Scanners 22 Ea Cart Item Description Qty U/m Triage Rolling Tx-5420 Triage Tags 10 Pk Triage Rolling Mds195184 Glove-sm 1 Bx Triage Rolling Mds195185 Glove-med 1 Bx Triage Rolling Mds195186 Glove-lrg 1 Bx Triage Rolling Mds195187 Glove-xlrg 1 Bx Triage Rolling Po8500a Pulse Ox 2 Ea Triage Rolling In001-blk Utility Scissors 2 Ea Triage Rolling Pl-1008 Penlight 2 Ea Triage Rolling St-2290 Stethoscope 1 Ea Triage Rolling Ta-7827-1 Transpore 1" 2 Rl Triage Rolling Ta-7827-2 Transpore 2" 2 Rl Triage Rolling Ta-5104 Zonas Tape 1" 2 Rl Triage Rolling Ta-5106 Zonas Tape 2" 2 Rl Triage Rolling Tx-wheel Pedi-wheel 1 Ea Triage Rolling Tx-critical Pocket Guide 1 Ea Triage Rolling Sg-2020s-blu Blood Presure Kit 1 Ea Triage Rolling Hp-202 Ear Plugs 2 Bx Triage Rolling 0s-01jt Oxygen Cylinder 3 Ea Triage Rolling 0s-01jt Oxygen Cylinder 3 Ea Cart Item Description Qty U/m Tri-fold-4 961760 Folding Chairs 20 Ea Tri-fold-4 624759 Easel 1 Ea Tri-fold-4 â  Easel Stand 1 Ea Tri-fold-4 287073 Shredder 1 Ea Tri-fold-4 313098 Trash Can 41 Qt. 2 Ea Tri-fold-4 221507 Trash Can 7 Gl. 10 Ea Tri-fold-4 Non123143 Red Liners 31 X 43 1 Cs/200 Tri-fold-4 Pa-59 Urinal 10 Ea Tri-fold-4 Pa-60 Bed Pan 11 Ea Tri-fold-4 â  Clipboards 20 Ea Cart Item Description Qty U/m Stretcher Psc-he Wheeled Stretcher Cart W/20 Wheels 10 Ea Cart Item Description Qty U/m Tri-fold-5 60-0014 Stretcher Stand 10 Ea Tri-fold-5 60-0027 Back Rest 5 Ea Tri-fold-5 Mass-casualty O2 Kit Mass-casualty O2 Kit 1 Ea Tri-fold-5 Kit-2222 Personal Protection Kit Lrg 1 Ea Cart Item Description Qty U/m Tri-fold-6 60-0014 Stretcher Stand 10 Ea Tri-fold-6 60-0027 Back Rest 5 Ea Tri-fold-6 Mass-casualty O2 Kit Mass-casualty O2 Kit 1 Ea Tri-fold-6 Kit-2222 Personal Protection Kit Lrg 1 Ea Cart Item Description Qty U/m Tri-fold-7 60-0001 Litters 20 Ea Tri-fold-7 60-0008 Iv Poles 20 Ea Tri-fold-7 Delineator Post Delineator Post 12 Ea Tri-fold-7 12# Base Base For Post 12 Ea Tri-fold-7 Lanyards Lanyards 400 Ea Cart Item Description Qty U/m Rubbermaid-9 Is-8303sa Small Sharps 10 Ea Rubbermaid-9 Al-881a Sani-cloth Wipes 6 Bx Rubbermaid-9 Is-shut Sharps Shuttle 24 Ea Rubbermaid-9 3m 1860 N-95 Mask 4 Bx/20 Rubbermaid-9 Mds195184 Glove-sm 4 Bx Rubbermaid-9 Mds195185 Glove-med 4 Bx Rubbermaid-9 Mds195186 Glove-lrg 4 Bx Rubbermaid-9 Mds195187 Glove-xlrg 4 Bx Rubbermaid-9 Og-888-02 Regulator 2 Ea Rubbermaid-9 Is-5488 Sharps-krg. 4 Ea Rubbermaid-9 Ic-1507 Infectious Control Kit 16 Ea Cart Item Description Qty U/m Treatment- Green Sg-2020s-blu Blood Presure Kit 2 Ea Treatment- Green St-2290 Stethoscope 2 Ea Treatment- Green Po8500a Pulse Ox 1 Ea Treatment- Green In001-blk Utility Scissors 1 Ea Treatment- Green Pl-1008 Penlight 2 Ea Treatment- Green Tx-wheel Pedi-wheel 1 Ea Treatment- Green Tx-critical Pocket Guide 1 Ea Treatment- Green Ba6715 Kerlix 2 Ea Treatment- Green Bj848 4x4 Pads 20 Ea Treatment- Green Di-444 Heet-pak 1 Ea Treatment- Green Di-688 Cold-pak 1 Ea Treatment- Green Om-20039 Saline Bullets 5 Ea Treatment- Green Sl-7122 Sodium Chloride,250ml 2 Bt Treatment- Green Ta-7827-1 Transpore 1" 2 Rl Treatment- Green Ta-7827-2 Transpore 2" 2 Rl Treatment- Green Ta-5104 Zonas Tape 1" 2 Rl Treatment- Green Ta-5106 Zonas Tape 2" 2 Rl Treatment- Green Bs7303a Emergency Blanket 1 Ea Treatment- Green Mds195184 Glove-sm 1 Bx Treatment- Green Mds195185 Glove-med 1 Bx Treatment- Green Mds195186 Glove-lrg 1 Bx Treatment- Green Mds195187 Glove-xlrg 1 Bx Treatment- Green Sl-7122 Sodium Chloride,250ml 2 Bt Treatment- Green Is-5488 Sharps Colector 3.3 Qt 1 Ea Cart Item Description Qty U/m Treatment Red-yellow Sg-2020s-blu Blood Presure Kit 2 Ea Treatment Red-yellow St-2290 Stethoscope 2 Ea Treatment Red-yellow In001-blk Utility Scissors 1 Ea Treatment Red-yellow Pl-1008 Penlight 2 Ea Treatment Red-yellow Po8500a Pulse Ox 1 Ea Treatment Red-yellow Gu10019 Accu-chek Glucomrter 1 Ea Treatment Red-yellow Th-4000 Thermoscan 1 Ea Treatment Red-yellow Th5075 Probe Covers 1 Bx Treatment Red-yellow Tx-wheel Pedi-wheel 1 Ea Treatment Red-yellow Tx-critical Pocket Guide 1 Ea Treatment Red-yellow Ba6715 Kerlix 2 Ea Treatment Red-yellow Bj848 4x4 Pads 20 Ea Treatment Red-yellow Di-444 Heet-pak 1 Ea Treatment Red-yellow Di-688 Cold-pak 1 Ea Treatment Red-yellow Be-2 Coban 2" 1 Rl Treatment Red-yellow Ba-415 Xeroform 2 Ea Treatment Red-yellow Om-20039 Saline Bullets 7 Ea Treatment Red-yellow Sl-7122 Sodium Chloride,250ml 2 Bt Treatment Red-yellow Ta-7827-1 Transpore 1" 2 Rl Treatment Red-yellow Ta-7827-2 Transpore 2" 2 Rl Treatment Red-yellow Ta-5104 Zonas Tape 1" 2 Rl Treatment Red-yellow Ta-5106 Zonas Tape 2" 2 Rl Treatment Red-yellow Bs7303a Emergency Blanket 1 Ea Treatment Red-yellow Mds195184 Glove-sm 1 Bx Treatment Red-yellow Mds195185 Glove-med 1 Bx Treatment Red-yellow Mds195186 Glove-lrg 1 Bx Treatment Red-yellow Mds195187 Glove-xlrg 1 Bx Treatment Red-yellow Iv4173-15 Primary Iv Set 2 Ea Treatment Red-yellow Iv-001 Inject Site 2 Ea Treatment Red-yellow Iv-8042 Ext Set 2 Ea Treatment Red-yellow It-6150 Iv Start Pak 6 Ea Treatment Red-yellow It-18ga 18 Ga. Needle 5 Ea Treatment Red-yellow It21ga 21 Ga. Needle 5 Ea Treatment Red-yellow It23ga 23 Ga. Needle 5 Ea Treatment Red-yellow It3ccll 3cc Syringe 2 Ea Treatment Red-yellow It5ccll 5cc Syringe 2 Ea Treatment Red-yellow It10ccll 10cc Syringe 2 Ea Treatment Red-yellow It-1709 Iv Cath 14ga 5 Ea Treatment Red-yellow It-1707 Iv Cath 16ga 5 Ea Treatment Red-yellow It-1705 Iv Cath 18ga 5 Ea Treatment Red-yellow It-1703 Iv Cath 20ga 5 Ea Treatment Red-yellow It-1701 Iv Cath 22ga 5 Ea Treatment Red-yellow Is-5488 Sharps Colector 3.3 Qt 1 Ea Echcs Government Furnished Property Inventory List (storage Only) Item Description Quantity Invacare/hill Rom Hospital Beds/stretchers 30 Blue Isolation Tents 10 Bed Negative Isolation Tent W/hvac Unit 3 Hand Wash Station Portable Hand Wash Station/w Hand Sanitizer 6 Canopy Tents 10x10 Pop Up Canopy Tents 14 Lighting Units Milwaukee Cordless Lighting Units 6 Medical Surge Kits Vericore Portable Medical Surge Units 13 Shelter In Place Kits Propac 25 Bed Shelter In Place Kit 2ft X 4 Ft 10 Medical Surge Beds Vericore Put Together Beds For Med Surge 50 Emergency Transport Trailer Red Tow Trailer For Transport Of Cache To Hospital 1 The Full Text Of Far Provisions Or Clauses May Be Accessed Electronically At Http://acquisition.gov/comp/far/index.html. The Following Solicitation Provisions Apply To This Acquisition: Far 52.212-1, Instructions To Offerors Commercial Products And Commercial Services Far 52.212-3, Offerors Representations And Certifications Commercial Products And Commercial Services Offerors Must Complete Annual Representations And Certifications Electronically Via The System For Award Management (sam) Website Located At Https://www.sam.gov/portal In Accordance With Far 52.212-3, Offerors Representations And Certifications Commercial Products And Commercial Services. If Paragraph (j) Of The Provision Is Applicable, A Written Submission Is Required. The Following Contract Clauses Apply To This Acquisition: Far 52.212-4, Contract Terms And Conditions Commercial Products And Commercial Services [dec 2022] Far 52.212-5, Contract Terms And Conditions Required To Implement Statutes Or Executive Orders Commercial Products And Commercial Services [sept 2023] The Following Subparagraphs Of Far 52.212-5 Are Applicable: 52.204-10 Reporting Executive Compensation & First-tier Subcontract Awards (jun 2020) 52.209-9 Protecting The Government S Interest When Subcontracting With Contractors Debarred, Suspended, Or Proposed For Debarment (nov 2021) 52.219-4 Notice Of Price Evaluation Preference For Hubzone Small Business Concerns (oct 2022) 52.219-28 Post Award Small Business Program Representation (sept 2023) 52.222-3, Convict Labor (jun 2003) (e.o.11755) 52.222-19, Child Labor-cooperation With Authorities And Remedies (dec 2022) (e.o.13126) 52.222-21, Prohibition Of Segregated Facilities (apr 2015) 52.222-26, Equal Opportunity (sep 2016) (e.o.11246) 52.222-36 Equal Opportunity For Workers With Disabilities (jun 2020) 52.222-50 Combating Trafficking In Persons (nov 2021) 52.223-18, Encouraging Contractor Policies To Ban Text Messaging While Driving (jun 2020) (e.o. 13513) 52.224-3 Privacy Training (jan 2017) 52.232-34 Payment By Electronic Funds Transfer Other Than System For Award Management (jul 2013) 52.222-41 Service Contract Labor Standards (aug 2018) 52.222-42 Statement Of Equivalent Rates For Federal Hires (may 2014) Far 52.204-9, Personal Identity Verification Of Contractor Personnel (jan 2011); Far 52.204-13, System For Award Management Maintenance (oct 2018); Far 52.204-18, Commercial And Government Entity Code Maintenance (aug 2020); Far 52.217-8 Option To Extend Services (nov 1999) The Government May Require Continued Performance Of Any Services Within The Limits And At The Rates Specified In The Contract. These Rates May Be Adjusted Only Because Of Revisions To Prevailing Labor Rates Provided By The Secretary Of Labor. The Option Provision May Be Exercised More Than Once, But The Total Extension Of Performance Hereunder Shall Not Exceed 6 Months. The Contracting Officer May Exercise The Option By Written Notice To The Contractor Within Fifteen (15) Days Of The Expiration Date Of The Current Contract Period. The `specified' Rates Under This Clause Will Be Those Rates In Effect Under The Contract Each Time An Option Is Exercised Under This Clause. (end Of Clause) Far 52.217-9 Option To Extend The Term Of The Contract (mar 2000) (a) The Government May Extend The Term Of This Contract By Written Notice To The Contractor Within 1 Days; Provided That The Government Gives The Contractor A Preliminary Written Notice Of Its Intent To Extend At Least 30 Days Before The Contract Expires. The Preliminary Notice Does Not Commit The Government To An Extension. (b) If The Government Exercises This Option, The Extended Contract Shall Be Considered To Include This Option Clause.(c) The Total Duration Of This Contract, Including The Exercise Of Any Options Under This Clause, Shall Not Exceed 5 Years. (end Of Clause) Far 52.222-14 Disputes Concerning Labor Standards (feb 1988) Cl 120 - Supplemental Insurance Requirements: In Accordance With Far 28.307-2 And Far 52.228-5, The Following Minimum Coverage Shall Apply To This Contract: (a) Workers' Compensation And Employers Liability: Contractors Are Required To Comply With Applicable Federal And State Workers' Compensation And Occupational Disease Statutes. If Occupational Diseases Are Not Compensable Under Those Statutes, They Shall Be Covered Under The Employer's Liability Section Of The Insurance Policy, Except When Contract Operations Are So Commingled With A Contractor's Commercial Operations That It Would Not Be Practical To Require This Coverage. Employer's Liability Coverage Of At Least $100,000 Is Required, Except In States With Exclusive Or Monopolistic Funds That Do Not Permit Workers' Compensation To Be Written By Private Carriers. (b) General Liability: $500,000.00 Per Occurrences. (c) Automobile Liability: $200,000.00 Per Person; $500,000.00 Per Occurrence And $20,000.00 Property Damage. (d) The Successful Bidder Must Present To The Contracting Officer, Prior To Award, Evidence Of General Liability Insurance Without Any Exclusionary Clauses For Asbestos That Would Void The General Liability Coverage. (end Of Clause) Far 52.232-40, Providing Accelerated Payments To Small Business Subcontractors (mar 2023); Far 52.237-3, Continuity Of Services (jan 1991); Vaar 852.203-70, Commercial Advertising (may 2008); Vaar 852.204-70, Personal Identity Verification Of Contractor Personnel (may 2020); Vaar 852.215-71, Evaluation Factor Commitments (oct 2019) Vaar 852.232-72 Electronic Submission Of Payment Requests (nov 2018) The Provision At Far 52.212-2, Evaluation -- Commercial Items (nov 2021), Applies To This Acquisition. (a) The Government Will Award A Contract Resulting From This Solicitation To The Responsible Offeror Whose Offer Conforming To The Solicitation Will Be Most Advantageous To The Government, Price And Other Factors Considered. The Following Factors Shall Be Used To Evaluate Offers: Factor 1: Past Performance Offeror Shall Provide No More Than Three References Of Relatively The Same Size And Complexity. Include The Following Information For Each Contract: Name And Address Of Contracting Activity (company Name), Contract Number, Type Of Contract, Total Contract Amount, And Status, Date Of Award And Completion, Description And Location Of Contract Work, List Of Major Subcontractors If Any, Contracting Officer Or Individual Responsible For Signing The Contract, And Their Email Address. Offerors May Provide Information On Problems Encountered On Identified Contracts And The Offeror S Corrective Action. Searches In Cpars (contractor Performance Assessment Reporting System), Ppirs (past Performance Information Retrieval System), As Well As Past Performance Questionnaires May Be Utilized. Factor 2: Price Offerors Shall Provide One Copy Of The Fully Completed Price Schedule In The Format Listed Above. Proposed Prices Will Be Evaluated For Reasonableness. Contract Award Will Be Made Based On The Solicitation Response That Represents The Best Value To The Government Using A Contracting Officer S Comparative Analysis. Since The Contracting Officer Is Considering Price And Other Factors, The Co May Award To Other Than The Lowest-priced Offer. The Information Below Explains The Evaluation Approach. Award Will Be Based Upon A Comparative Evaluation Of Quotes In Accordance With The Simplified Acquisition Procedures Of Far 13. Comparative Evaluation Is The Side By Side Pairwise Comparison Of Quotes Based On Factors Resulting In A Contracting Officer Decision For The Quote Most Favorable To The Government. The Contracting Officer Will Make A Comparative Analysis Of All Offers Against The Solicitation, Using The Following Factors To Decide Which Offer(s) Represent The Best Value To The Government: (b) Options. The Government Will Evaluate Offers For Award Purposes By Adding The Total Price For All Options To The Total Price For The Basic Requirement. The Government May Determine That An Offer Is Unacceptable If The Option Prices Are Significantly Unbalanced. Evaluation Of Options Shall Not Obligate The Government To Exercise The Option(s). (c) A Written Notice Of Award Or Acceptance Of An Offer, Mailed Or Otherwise Furnished To The Successful Offeror Within The Time For Acceptance Specified In The Offer, Shall Result In A Binding Contract Without Further Action By Either Party. Before The Offer S Specified Expiration Time, The Government May Accept An Offer (or Part Of An Offer), Whether There Are Negotiations After Its Receipt, Unless A Written Notice Of Withdrawal Is Received Before Award. (end Of Provision) All Quoters Shall Submit The Following: Completed Pricing Schedule And One Of The Below Statements Must Be Included In The Offer: "the Terms And Conditions In The Solicitation Are Acceptable To Be Included In The Award Document Without Modification, Deletion, Or Addition." Or "the Terms And Conditions In The Solicitation Are Acceptable To Be Included In The Award Document With The Exception, Deletion, Or Addition Of The Following:" Quoters Shall List Exception(s) And Rationale For The Exception(s), If Any. Submission Of Your Response Shall Be Received Not Later Than 1pm Mtn On Monday, November 13, 2023. Responses Shall Be Sent To The Point Of Contact Listed. The Full Text Of A Solicitation Provision Or Contract Clause May Be Accessed Electronically At The Address(es) Below: Http://www.acquisition.gov/far/index.html Http://www.va.gov/oamm/oa/ars/policyreg/vaar/index.cfm All Information Has Been Posted And There Are No Other Documents Available. Offers Are To Be Received Via Email To The Points Of Contact Below No Later Than 1:00 Pm Mountain Time On Monday, November 13, 2023. Offers Submitted By Fascimile (fax Machine) Will Not Be Accepted. Any Questions Or Concerns Regarding This Solicitation Should Be Forwarded In Writing Via E-mail To The Point Of Contact Listed Below. Point Of Contact Jennifer Balsiger; Jennifer.balsiger@va.gov

Details: Combined Synopsis-solicitation For Commercial Products And Commercial Services revision 01 effective: 05/30/2023 description this Is A Combined Synopsis/solicitation For Commercial Products And Services Prepared In Accordance With The Format In Federal Acquisition Regulation (far) Subpart 12.6, Streamlined Procedures For Evaluation And Solicitation For Commercial Products And Services, As Supplemented With Additional Information Included In This Notice. This Announcement Constitutes The Only Solicitation; Quotes Are Being Requested, And A Written Solicitation Document Will Not Be Issued. this Solicitation Is Issued As Rfq 36c24124q0249. The Solicitation Document And Incorporated Provisions And Clauses Are Those In Effect Through Federal Acquisition Circular 2023-03. the Associated North American Industrial Classification System (naics) Code For This Procurement Is Naics 238290 (other Building Equipment Contractors) Size Standard $22 Million. this Is Being Bid As A Sdvosb Set-aside. the Vamc West Haven 950 Campbell Ave West Haven, Ct 06516 Is Seeking To Identify Any Vendor Capable Of Providing Vamc West Haven With Mechanical Systems Repairs In Building 1 Servicing Critical Infrastructure. They Have Been Diagnosed And In Need Of The Following Repairs: replacement Of The Head Pressure Control On Compressor 1 Of Crac #1 Located In Building 1 Room Sg105. replacement Of The Compressor In The Liebert Unit Located In Building 1 Room Sg105. replacement Of The Relief Valve On Compressor 2 Of Crac #3 In Building 1 Room Sg105. all Interested Companies Shall Provide Quotations For The Following: statement Of Work background mechanical Systems In Building 1 Servicing Critical Infrastructure Have Been Diagnosed And In Need Of Repairs As Follows: replacement Of The Head Pressure Control On Compressor 1 Of Crac #1 Located In Building 1 Room Sg105. replacement Of The Compressor In The Liebert Unit Located In Building 1 Room Sg105. replacement Of The Relief Valve On Compressor 2 Of Crac #3 In Building 1 Room Sg105. justification replacement Of Mechanical Equipment Is Needed To Maintain Daily Operations And Protect Critical Infrastructure Needed To Continue To Provide Patient Care. place Of Performance the Place Of Performance For This Contract Is Va Connecticut Healthcare System, West Haven Va Medical Center Located At 950 Campbell Avenue, West Haven, Ct 06516. period Of Performance the Contract Time Period Of Performance Will Be 60 Calendar Days From Notice To Proceed (ntp) And Includes Contractor Closeout. qualifications to Be Considered Eligible For Consideration, Potential Bidders Shall Have A Field Service Representative Located Within 200 Miles Of The West Haven And Newington Campuses Of The Va Connecticut Healthcare System And Have Been Trained By The Original Equipment Manufacturer (oem) On The Specific Model Of Equipment That He/she Is Being Asked To Provide Services For. bidders Shall Provide Upon Request, Documentation Of Factory Certified Service/maintenance Training On The Specific Equipment Under The Terms Of This Contract. The Contracting Officer And/or Contracting Officer S Representative (cor) Specifically Reserve The Right To Reject Any Of The Contractor S Personnel And Refuse Them Permission To Work On The Equipment Outlined Herein, Based Upon Credentials Provided. scope Of Work the Scope Of This Work Includes The Replacement Of Mechanical System Parts Including Compressor Head Pressure Control, Compressor, And Compressor Relief Valve. the Awarded Contractor Shall Furnish Al Materials, Equipment, Supervision, And Personnel Necessary To Accomplish The Project As Indicated. work Shall Occur During Regular Business Hours Between 7:00 A.m. 4:30 P.m. Or As Coordinated. objectives: the Project Will Include But Not Be Limited To The Following: contractor Shall Furnish Appropriate Tools, Equipment, And Labor To Replace The Head Pressure Control On Compressor 1 Of Crac #1 Located In Building 1 Room Sg105. contractor Shall Furnish Appropriate Tools And Equipment To Replace The Compressor In The Liebert Unit Located In Building 1 Room Sg105. contractor Shall Furnish Appropriate Tools And Equipment To Replace The Relief Valve On Compressor 2 Of Crac #3 Located In Building 1 Room Sg105. protect All Equipment In Place During Replacement Activities. all Contractor Personnel, Sub-contractors And Representatives Visiting Va Sites Will Be Required To Sign In Upon Arrival At Building 15 And/or Retain A Temporary Va Badge. Each Visiting Individual Be Required To Enter Their Name, Their Company S Name, Va Project Title, Reason For Visit, And The Times Of Arrival And Departure. Arrangements For After Normal Hour Working Site Visits Must Be Made In Advance And During Normal Working Hours. general: The Contracting Officer Reserves The Right To Terminate Any Construction Period Services, Without Payment For Services Completed, If Such Services Are Not Needed Or Are Not Being Adequately Completed. approved Plans And Permits: Prior To The Start Of Construction, Submit To Va Copies Of All Required Permits. site Visits: Day To Day Construction Administration Will Be Performed By The Cor. Periodic Reviews, Tests, And Other Field Observation By The Government Are Not To Be Interpreted As Superintendence Nor As Resulting In Any Approval Of The Contractor S Apparent Progress Toward Meeting The Government S Objectives; But Are Intended To Discover Any Information That The Contracting Officer May Be Able To Call To The Contractor S Attention To Prevent Costly Misdirection Of Effort. the Contractor Shall Remain Responsible For Constructing, Operating, And Maintaining The Site In Full Accordance If The Requirements Of This Solicitation. the Contractor Shall Provide Va With A Copy Of All Inspection Reports For Inspections Conducted By Local, Regional, And State Code Authorities From The Start Of Construction Through Issuance Of The Certificate Of Occupancy Or Completion. the Contractor Shall Develop And Provide To The Va The Following: safety Plan: The Contractor Shall Produce Work In Accordance With The Latest Editions Of All Applicable Dva Guidelines (e.g. Construction Standards, Master Specifications, Standard Details, Special Design Criteria To Meet Hospital Joint Commission (jcaho) Requirements), Nfpa, Federal And State Codes Pertinent To The Project Scope. all Construction Personnel On Site Are Required To Obtain An Occupational Safety And Health administration (osha) 10 Hour Construction Certification, And The Site Competent Person For The contractor Must Obtain An Osha 30 Hour Construction Certification. prior To The Start Of Construction, The Specifications Shall Require The Contractor To Develop And submit Such Plans As Required By The Va Relating To Safety And Environmental Issues. These May Include But Are Not Limited To: job Hazard Analysis And Loto quality Control Plan: A Quality Control Plan Shall Be Implemented For Identifying And Specifying The Appropriate Standard Forms For Quality Control Inspections That Will Become Part Of The Overall Plan. per Va Directive 1805, Smoking Vaping, And Smokeless Tobacco Are Prohibited On The Grounds Of Va Facilities, Including In Vehicles. This Directive Applies To All Service Providers And Their Employees. no Photography Of Va Premises Is Allowed Without Written Permission Of The Contracting Officer. Patients And Staff Are Not To Be Photographed At Any Time. prior To Commencing Work Onsite, All Service Providers And Provider Personnel Shall Furnish Proof Of Receipt Of Required Covid Vaccinations And Boosters In Compliance With Current Vha Directives. prior To Commencing Work Onsite, All Service Providers And Provider Personnel Shall Furnish Proof Of Receipt Of Required Tuberculosis Testing In Compliance With Vha Directive 1131(5), Dated June 04, 2021. parking For Service Provider And Its Employees Shall Be In Designated Areas Only. Service Provider To Coordinate With Cor. the Service Provider Shall Confine All Operations (including Storage Of Materials) On Government Premises To Areas Authorized Or Approved By The Va Contracting Officer. The Service Provider Shall Hold And Save The Government, Its Officers, And Agents, Free And Harmless From Liability Of Any Nature Occasioned By The Service Provider S Performance. Working Space And Space Available For Storing Materials Shall Be As Determined By The Cor. Workers Are Subject To The Rules Of The Medical Center Applicable To Their Conduct. Execute Work In Such A Manner As To Reduce Impacts With Work Being Done By Others. billing: Provide Cor With A Report Or Statement Of Work Completed And Include Statements With Request For Payment. Statement Should Include Service Completed And The Date Each Service Item Was Completed. Labor Charges Shall Be Billed Hourly, And Any Unused Labor Totals Will Be Credited Back To The Va Medical Center On The Next Billing Cycle, Upon Receipt Of The Service Report. safety Codes / Certification / Licensing: environmental Abatement Work, If Necessary, Is To Be Performed By Contractor Under Supervision And monitoring For The Va By A Certified Industrial Hygienist. the Contractor Shall Comply With All Codes As Described Above, As Well As Codes Customarily Applied In va Construction Jobs Such As Nfpa Fire Code, Osha, Va Design Guides, Etc. Labs Used By The Contractor shall Be Licensed As Required By Any Applicable Governing Agencies, And Their Certifications And Licenses shall Be Included In The Reports. travel: contractor And/or Subcontractors Will Travel From Their Place Of Business To The West Haven Vamc Of The Va Connecticut Healthcare System. appendix A infection Prevention Measures a. Implement The Requirements Of Va Medical Center S Infection Control Risk Assessment (icra) Team. Icra Group May Monitor Dust, In The Vicinity Of The Construction Work, And require The Contractor To Take Corrective Action Immediately If The Safe Levels Are Exceeded. b. Establish And Maintain A Dust Control Program As Part Of The Contractor S Infection preventive Measures In Accordance With The Guidelines Provided By Icra Group As Specified here. Prior To Start Of Work, Prepare A Plan Detailing Project-specific Dust Protection Measures, including Periodic Status Reports, And Submit To Project Manager And Facility Icra Team For review For Compliance With Contract Requirements In Accordance With Section 01340, Samples and Shop Drawings. 1. All Personnel Involved In The Construction Or Renovation Activity Shall Be Educated and Trained In Infection Prevention Measures Established By The Medical Center. c. Medical Center Infection Control Personnel Shall Monitor For Airborne Disease (e.g. aspergillosis) As Appropriate During Construction. A Baseline Of Conditions May Be Established by The Medical Center Prior To The Start Of Work And Periodically During The Construction Stage to Determine Impact Of Construction Activities On Indoor Air Quality. In Addition: 1. The Project Manager And Vamc Infection Control Personnel Shall Review Pressure differential Monitoring Documentation To Verify That Pressure Differentials In The Construction zone And In The Patient-care Rooms Are Appropriate For Their Settings. The Requirement For negative Air Pressure In The Construction Zone Shall Depend On The Location And Type Of Activity. upon Notification, The Contractor Shall Implement Corrective Measures To Restore Proper pressure Differentials As Needed. 2. In Case Of Any Problem, The Medical Center, Along With Assistance From The contractor, Shall Conduct An Environmental Assessment To Find And Eliminate The Source. d. In General, Following Preventive Measures Shall Be Adopted During Construction To Keep down Dust And Prevent Mold. 1. Dampen Debris To Keep Down Dust And Provide Temporary Construction Partitions In existing Structures Where Directed By Resident Engineer. Blank Off Ducts And Diffusers To prevent Circulation Of Dust Into Occupied Areas During Construction. 2. Analyze Each Site During Design To Determine The Effects Of Blocking Hvac Ducts And their Impact On Existing Air Handling Systems That Must Remain Operational Before Initiating A dust Control Program. The Method Of Capping Ducts Shall Be Dust Tight And Withstand Airflow. 3. Construct Anteroom To Maintain Negative Airflow From Clean Area Through Anteroom and Into Work Area Where Required. 4. High Risk Patient Care Areas May Require Additional Measures Like Air Locks, Special signage, Smoke And Negative Pressure Alarms. 5. Identify These Areas Clearly On The Drawings And Work With Medical Center Personnel to Achieve Desired Level Of Isolation Suited To The Scope Of Risk Involved. 6. Do Not Perform Dust- Producing Tasks Within Occupied Areas Without The Approval Of the Project Manager. For Construction In Any Areas That Will Remain Jointly Occupied By The medical Center And Contractor S Workers, The Contractor Shall: a. Provide Dust Proof Fire-rated Temporary Drywall Construction Barriers To completely Separate Construction From The Operational Areas Of The Hospital In Order to Contain Dirt Debris And Dust. Barriers Shall Be Sealed And Made Presentable On hospital Occupied Side. Install A Self-closing Rated Door In A Metal Frame, commensurate With The Partition, To Allow Worker Access. Maintain Negative Air At All times. A Fire Retardant Polystyrene, 6-mil Thick Or Greater Plastic Barrier Meeting Local fire Codes May Be Used Where Dust Control Is The Only Hazard, And An Agreement Is reached With The Resident Engineer And Medical Center. b. Hepa Filtration Is Required Where The Exhaust Dust May Reenter The Breathing zone. Contractor Shall Verify That Construction Exhaust To Exterior Is Not Reintroduced to The Medical Center Through Intake Vents, Or Building Openings. Install Hepa (high efficiency Particulate Accumulator) Filter Vacuum System Rated At 95% Capture Of 0.3 microns Including Pollen, Mold Spores And Dust Particles. Insure Continuous Negative air Pressures Occurring Within The Work Area. Hepa Filters Should Have Ashrae 85 Or other Pre-filter To Extend The Useful Life Of The Hepa. Provide Both Primary And secondary Filtrations Units. Exhaust Hoses Shall Be Heavy Duty, Flexible Steel reinforced And Exhausted So That Dust Is Not Reintroduced To The Medical Center. c. Adhesive Walk-off/carpet Walk-off Mats, Minimum 24 X 36 , Shall Be Used At All interior Transitions From The Construction Area To Occupied Medical Center Area. these Mats Shall Be Changed As Often As Required To Maintain Clean Work Areas directly Outside Construction Area At All Times. d. Vacuum And Wet Mop All Transition Areas From Construction To The Occupied medical Center At The End Of Each Workday. Vacuum Shall Utilize Hepa Filtration. maintain Surrounding Area Frequently. Remove Debris As They Are Created. Transport these Outside The Construction Area In Containers With Tightly Fitting Lids. e. The Contractor Shall Not Haul Debris Through Patient-care Areas Without Prior approval Of The Resident Engineer And The Medical Center. When, Approved, Debris shall Be Hauled In Enclosed Dust Proof Containers Or Wrapped In Plastic And Sealed with Duct Tape. No Sharp Objects Should Be Allowed To Cut Through The Plastic. Wipe down The Exterior Of The Containers With A Damp Rag To Remove Dust. All Equipment, tools, Material, Etc. Transported Through Occupied Areas Shall Be Made Free From Dust and Moisture By Vacuuming And Wipe Down. f. Using A Hepa Vacuum, Clean Inside The Barrier And Vacuum Ceiling Tile Prior To replacement. Any Ceiling Access Panels Opened For Investigation Beyond Sealed Areas shall Be Sealed Immediately When Unattended. g. There Shall Be No Standing Water During Construction. This Includes Water In equipment Drip Pans And Open Containers Within The Construction Areas. All accidental Spills Must Be Cleaned Up And Dried Within 12 Hours. Remove And Dispose of Porous Materials That Remain Damp For More Than 72 Hours. h. At Completion, Remove Construction Barriers And Ceiling Protection Carefully, outside Of Normal Work Hours. Vacuum And Clean All Surfaces Free Of Dust After The removal. e. Final Cleanup: 1. Upon Completion Of Project, Or As Work Progresses, Remove All Construction Debris from Above Ceiling, Vertical Shafts And Utility Chases That Have Been Part Of The Construction. 2. Perform Hepa Vacuum Cleaning Of All Surfaces In The Construction Area. This Includes walls, Ceilings, Cabinets, Furniture (built-in Or Free Standing), Partitions, Flooring, Etc. 1. All New Air Ducts Shall Be Cleaned Prior To Final Inspection. Spec Writer Note: on Small Projects Developed At Medical Center, Engineering Officer May Tag items To Be Removed And Stored, Instead Of Noting Such Items On Drawings Or In specifications. appendix B va Information And Information System Security/privacy Language For inclusion Into Contracts, As Appropriate 1. General contractors, Contractor Personnel, Subcontractors, And Subcontractor Personnel Shall Be subject To The Same Federal Laws, Regulations, Standards, And Va Directives And Handbooks as Va And Va Personnel Regarding Information And Information System Security. 2. Access To Va Information And Va Information Systems a. A Contractor/subcontractor Shall Request Logical (technical) Or Physical Access To Va information And Va Information Systems For Their Employees, Subcontractors, And affiliates Only To The Extent Necessary To Perform The Services Specified In The Contract, agreement, Or Task Order. b. All Contractors, Subcontractors, And Third-party Servicers And Associates Working With Va information Are Subject To The Same Investigative Requirements As Those Of Va appointees Or Employees Who Have Access To The Same Types Of Information. The Level and Process Of Background Security Investigations For Contractors Must Be In Accordance with Va Directive And Handbook 0710, Personnel Suitability And Security Program. The office For Operations, Security, And Preparedness Is Responsible For These Policies And procedures. c. Contract Personnel Who Require Access To National Security Programs Must Have A Valid security Clearance. National Industrial Security Program (nisp) Was Established By executive Order 12829 To Ensure That Cleared U.s> Defense Industry Contractor personnel Safeguard The Classified Information In Their Possession While Performing work On Contracts, Programs, Bid, Or Research And Development Efforts. The department Of Veterans Affairs Does Not Have A Memorandum Of Agreement With defense Secretary Service (dss). Verification Of A Security Clearance Must Be Processed through The Special Security Officer Located In The Planning And National Security service Within The Office Of Operations, Security, And Preparedness. d. Custom Software Development And Outsourced Operations Must Be Located In The U.s. to The Maximum Extent Practical. If Such Services Are Proposed To Be Performed Abroad and Are Not Disallowed By Other Va Policy Or Mandates, The Contractor/subcontractor must State Where All Non-u.s. Services Are Provided And Detail A Security Plan, Deemed to Be Acceptable By Va, Specifically To Address Mitigation Of The Resulting Problems Of communication, Control, Data Protection, And So Forth. Location Within The U.s. May Be an Evaluation Factor. e. The Contractor Or Subcontractor Must Notify The Contracting Officer Immediately When an Employee Working On A Va System Or With Access To Va Information Is Reassigned Or leaves The Contractor Or Subcontractor S Employ. The Contracting Officer Must Also Be notified Immediately By The Contractor Or Subcontractor Prior To An Unfriendly termination. 3. Va Information Custodial Language a. Information Made Available To The Contractor Or Subcontractor By Va For The performance Or Administration Of This Contract Or Information Developed By The contractor/subcontractor In Performance Or Administration Of The Contract Shall Be Used only For Those Purposes And Shall Not Be Used In Any Other Way Without The Prior Written agreement Of The Va. This Clause Expressly Limits The Contractor/subcontractor S Rights to Use Data As Described In Rights In Data General, Far 52.227-14(d) (1). b. Va Information Should Not Be Co-mingled, If Possible, With Any Other Data On The contractors/subcontractor S Information Systems Or Media Storage Systems In Order To ensure Va Requirements Related To Data Protection And Media Sanitization Can Be Met. if Co-mingling Must Be Allowed To Meet The Requirements Of The Business Need, The contractor Must Ensure That Va S Information Is Returned To The Va Or Destroyed In accordance With Va S Sanitization Requirements. Va Reserves The Right To Conduct Onsite inspections Of Contractor And Subcontractor It Resources To Ensure Data Security controls, Separation Of Data And Job Duties, And Destruction/media Sanitization procedures Are In Compliance With Va Directive Requirements. c. Prior To Terminator Or Completion Of This Contract, Contractor/subcontractor Must Not destroy Information Received From Va, Or Gathered/created By The Contractor In The course Of Performing This Contract Without Prior Written Approval By The Va. Any Data destruction Done On Behalf Of Va By A Contractor/subcontractor Must Be Done In accordance With National Archives And Records Administration (nara) Requirements As outlined In Va Directive 6300, Records And Information Management And Its Handbook 6300.1 Records Management Procedures, Applicable Va Records Control Schedules, And va Handbook 6500.1 Electronic Media Sanitization. Self-certification By The Contractor that The Data Destruction Requirements Above Have Been Met Must Be Sent To The Va contracting Officer Within 30 Days Of Termination Of The Contract. d. The Contractor/subcontractor Must Receive, Gather, Store, Back Up, Maintain, Use, dispose Of Va Information Only In Compliance With The Terms Of The Contract And applicable Federal And Va Information Confidentiality And Security Laws, Regulations And policies. If Federal Or Va Information Confidentiality And Security Laws, Regulations And policies Become Applicable To The Va Information Or Information Systems After execution Of The Contract, Or If Nist Issues Or Updates Applicable Fips Or Special publications (sp) After Execution Of This Contract, The Parties Agree To Negotiate In Good faith To Implement The Information Confidentiality And Security Laws, Regulations And policies In This Contract. e. The Contractor/subcontractor Shall Not Make Copies Of Va Information Except As authorized And Necessary To Perform The Terms Of The Agreement Or To Preserve electronic Information Stored On Contractor/subcontractor Electronic Storage Media For restoration In Case Any Electronic Equipment Or Data Used By The contractor/subcontractor Needs To Be Restored To An Operating State. If Copies Are Made for Restoration Purposes, After The Restoration Is Complete, The Copies Must Be appropriately Destroyed. f. If Va Determines That The Contractor Has Violated Any Of The Information Confidentiality, privacy, And Security Provisions Of The Contract, It Shall Be Sufficient Grounds For Va To withhold Payment To The Contractor Or Third Party Or Terminate The Contract For Default or Terminate For Cause Under Federal Acquisition Regulation (far) Part 12. g. If A Vha Contract Is Terminated For Cause, The Associated Baa Must Also Be Terminated and Appropriate Actions Taken In Accordance With Vha Handbook 1600.01, Business associate Agreements. Absent An Agreement To Use Or Disclose Protected Health information, There Is No Business Associate Relationship. h. The Contractor/subcontractor Must Store, Transport, Or Transmit Va Sensitive information In An Encrypted Form, Using Va-approved Encryption Tools That Are, At A minimum, Fips 140-2 Validated. i. The Contractor/subcontractor S Firewall And Web Services Security Controls, If Applicable, shall Meet Or Exceed Va S Minimum Requirements. Va Configuration Guidelines Are available Upon Request. j. Except For Uses And Disclosures Of Va Information Authorized By This Contract For performance Of The Contract, The Contractor/subcontractor May Use And Disclose Va information Only In Two Other Situations: (i) In Response To A Qualifying Order Of A Court of Competent Jurisdiction, Or (ii) With Va S Prior Written Approval. The contractor/subcontractor Must Refer All Requests For, Demands For Production Of, Or inquiries About, Va Information And Information Systems To The Va Contracting Officer for Response. k. Notwithstanding The Provision Above, The Contractor/subcontractor Shall Not Release Va records Protected By Title 38 U.s.c. 5705, Confidentiality Of Medical Quality Assurance records And/or Title 38 U.s.c. 7332, Confidentiality Of Certain Health Records Pertaining to Drug Addiction, Sickle Cell Anemia, Alcoholism Or Alcohol Abuse, Or Infection With human Immunodeficiency Virus. If The Contractor/subcontractor Is In Receipt Of A Court order Or Other Requests For The Above Mentioned Information, That contractor/subcontractor Shall Immediately Refer Such Court Orders Or Other Requests To the Va Contracting Officer For Response. l. For Service That Involves The Storage, Generating, Transmitting, Or Exchanging Of Va sensitive Information But Does Not Require C&a Or An Mou-isa For System interconnection, The Contractor/subcontractor Must Complete A Contractor Security control Assessment (csca) On A Yearly Basis And Provide It To The Cor. 4. Information System Design And Development a. Information Systems That Are Designed Or Developed For On Behalf Of Va At Non-va facilities Shall Comply With All Va Directives Developed In Accordance With Fisma, Hipaa, nist, And Related Va Security And Privacy Control Requirements For Federal Information systems. This Includes Standards For The Protection Of Electronic Phi, Outlined In 45 c.f.r. Part 164, Subpart C, Information And System Security Categorization Level designation In Accordance With Fips 199 And Fips 200 With Implementation Of All baseline Security Controls Commensurate With The Fips 199 System Security categorization (reference Appendix D Of Va Handbook 6500, Va Information Security program). During The Development Cycle A Privacy Impact Assessment (pia) Must Be completed, Provided To The Cor, And Approved By The Va Privacy Service In Accordance with Directive 6507, Va Privacy Impact Assessment. b. The Contractor/subcontractor Shall Certify To The Cor That Applications Are Fully functional And Operate Correctly As Intended On Systems Using The Va Federal Desktop core Configuration (fdcc), And The Common Security Configuration Guidelines Provided by Nist Or The Va. This Includes Internet Explorer 7 Configured To Operate On Windows xp And Vista (in Protected Mode On Vista) And Future Versions, As Required. c. The Standard Installation, Operation, Maintenance, Updating, And Patching Of Software shall Not Alter The Configuration Settings From The Va Approved And Fdcc Configuration. information Technology Staff Must Also Use The Windows Installer Service For Installation to The Default Program Files Directory And Silently Install And Uninstall. d. Applications Designed For Normal End Users Shall Run In The Standard User Context without Elevated System Administration Privileges. e. The Security Controls Must Be Designed, Developed, Approved By Va, And Implemented in Accordance With The Provisions Of Va Security System Development Life Cycle As outlined In Nist Special Publication 800-37, Guide For Applying The Risk Management framework To Federal Information Systems, Va Handbook 6500, Information Security program And Va Handbook 6500.5, Incorporating Security And Privacy In System development Lifecycle. f. The Contractor/subcontractor Is Required To Design, Develop, Or Operate A System Of records Notice (sor) On Individuals To Accomplish An Agency Function Subject To The privacy Act Of 1974, (as Amended), Public Law 93-579, December 31, 1974 (5 U.s.c. 552a) And Applicable Agency Regulations. Violation Of The Privacy Act May Involve The imposition Of Criminal And Civil Penalties. g. The Contractor/subcontractor Agrees To: (1) Comply With The Privacy Act Of 1974 (the Act) And The Agency Rules And Regulations issued Under The Act In The Design, Development, Or Operation Of Any System Of records On Individuals To Accomplish An Agency Function When The Contract specifically Identifies: a. The Systems Of Records (sor); And b. The Design, Development, Or Operation Work That The Contractor/subcontractor is To Perform; i. Include The Privacy Act Notification Contained In This Contract In Every solicitation And Resulting Subcontract And In Every Subcontract Awarded without A Solicitation, When The Work Statement In The Proposed Subcontract requires The Redesign, Development, Or Operation Of A Sor On Individuals that Is Subject To The Privacy Act; And ii. Include This Privacy Act Clause, Including This Subparagraph (3), In All subcontracts Awarded Under This Contract Which Requires The Design, development, Or Operation Of Such A Sor. h. In The Event Of Violations Of The Act, A Civil Action May Be Brought Against The Agency involved When The Violation Concerns The Design, Development, Or Operation Of A sor On Individuals To Accomplish An Agency Function, And Criminal Penalties May Be imposed Upon The Officers Or Employees Of The Agency When The Violation Concerns the Operation Of Sor On Individuals To Accomplish An Agency Function. For Purposes of The Act, When The Contract Is For The Operation Of A Sor On Individuals To accomplish An Agency Function, The Contractor/subcontractor Is Considered To Be An employee Of The Agency. (1) Operation Of A System Of Records Means Performance Of Any Of The Activities associated With Maintaining The Sor, Including The Collection, Use, maintenance, And Dissemination Of Records. (2) Record Means Any Item, Collection, Or Grouping Of Information About An individual That Is Maintained By An Agency, Including, But Not Limited To, education, Financial Transactions, Medical History, And Criminal Or Employment history And Contains The Person S Name, Or Identifying Number, Symbol, Or Any other Identifying Particular Assigned To The Individual, Such As A Fingerprint Or voiceprint, Or A Photograph. (3) System Of Records Means A Group Of Any Records Under The Control Of Any agency From Which Information Is Retrieved By The Name Of The Individual Or By some Identifying Number, Symbol, Or Other Identifying Particular Assigned To The individual. i. The A/e Shall Ensure The Security Of All Procured Or Developed Systems And technologies, Including Their Subcomponents (hereinafter Referred To As Systems ), throughout The Life Of This Contract And Any Extension, Warranty, Or Maintenance periods. This Includes, But Is Not Limited To Workarounds, Patches, Hotfixes, upgrades, And Any Physical Components (hereafter Referred To As Security Fixes) which May Be Necessary To Fix All Security Vulnerabilities Published Or Known To The a/e Anywhere In The Systems Including Operating Systems And Firmware. The A/e shall Ensure That Security Fixes Shall Not Negatively Impact The Systems. j. The A/e Shall Notify Va Within 24 Hours Of The Discovery Or Disclosure Of Successful exploits Of The Vulnerability Which Can Compromise The Security Of The Systems (including The Confidentiality Or Integrity Of Its Data And Operations, Or The availability Of The System). Such Issues Shall Be Remediated As Quickly As Is Practical, but In No Event Longer Than 7 Days. k. When The Security Fixes Involve Installing Third Party Patches (such As Microsoft Os patches Or Adobe Acrobat), The A/e Will Provide Written Notice To The Va That The patch Has Been Validated As Not Affecting The System Within 10 Working Days. When the A/e Is Responsible For Operations Or Maintenance Of The Systems, They Shall Apply the Security Fixes Within 7 Days. l. All Other Vulnerabilities Shall Be Remediated As Specified In This Paragraph In A Timely manner Based On Risk, But Within 60 Days Of Discovery Or Disclosure. Exceptions To this Paragraph (e.g. For The Convenience Of Va) Shall Only Be Granted With Approval of The Contracting Officer And The Va Assistant Secretary For Office Of Information and Technology. 5. Information System Hosting, Operation, Maintenance, Or Use a. For Information Systems That Are Hosted, Operated, Maintained, Or Used On Behalf Of Va at Non-va Facilities, Contractors/subcontractors Are Fully Responsible And Accountable for Ensuring Compliance With All Hipaa, Privacy Act, Fisma, Nist, Fips, And Va Security and Privacy Directives And Handbooks. This Includes Conducting Compliant Risk assessments, Routine Vulnerability Scanning, System Patching And Change Management procedures, And The Completion Of An Acceptable Contingency Plan For Each System. The contractor S Security Control Procedures Must Be Equivalent, To Those Procedures Used to Secure Va Systems. A Privacy Impact Assessment (pia) Must Also Be Provided Ot The cor And Approved By Va Privacy Service Prior To Operational Approval. All External internet Connections To Va S Network Involving Va Information Must Be Reviewed And approved By Va Prior To Implementation. b. Adequate Security Controls For Collecting, Processing, Transmitting, And Storing Of personally Identifiable Information (pii), As Determined By The Va Privacy Service, Must be In Place, Tested, And Approved By Va Prior To Hosting, Operation, Maintenance, Or Use of The Information System, Or Systems By Or On Behalf Of Va. These Security Controls Are to Be Assessed And Stated Within The Pia And If These Controls Are Determined Not To Be in Place, Or Inadequate, A Plan Of Action And Milestones (poa&m) Must Be Submitted and Approved Prior To The Collection Of Pii. c. Outsourcing (contractor Facility, Contractor Equipment Or Contractor Staff) Of Systems Or network Operations, Telecommunications Services, Or Other Managed Services Requires certification And Accreditation (authorization) (c&a) Of The Contractor S Systems In accordance With Va Handbook 6500.3, Certification And Accreditation And/or The Va ocs Certification Program Office. Government-owned (government Facility Or government Equipment) Contractor-operated Systems, Third Party Or Business Partner networks Require Memorandums Of Understanding And Interconnection Agreements (mou-isa) Which Detail What Data Types Are Shared, Who Has Access, And The appropriate Level Of Security Controls For All Systems Connected To Va Networks. d. The Contractor/subcontractor S System Must Adhere To All Fisma, Fips, And Nist standards Related To The Annual Fisma Security Controls Assessment And Review And update The Pia. Any Deficiencies Noted During This Assessment Must Be Provided To The va Contracting Officer And The Iso For Entry Into Va S Poa&m Management Process. the Contractor/subcontractor Must Use Va S Poa&m Process To Document Planned remedial Actions To Address Any Deficiencies In Information Security Policies, Procedures, and Practices, And The Completion Of Those Activities. Security Deficiencies Must Be corrected Within The Timeframes Approved By The Government. contractor/subcontractor Procedures Are Subject To Periodic, Unannounced assessments By Va Officials, Including The Va Office Of Inspector General. The Physical security Aspects Associated With Contractor/subcontractor Activities Must Also Be Subject to Such Assessments. If Major Changes To The System Occur That May Affect The Privacy or Security Of The Data Or The System, The C&a Of The System May Need To Be Reviewed, retested And Re-authorized Per Va Handbook 6500.3. This May Require Reviewing And updating All Of The Documentation (pia, System Security Plan, Contingency Plan). The certification Program Office Can Provide Guidance On Whether A New C&a Would Be necessary. e. The Contractor/subcontractor Must Conduct An Annual Self-assessment On All Systems and Outsourced Services As Required. Both Hard Copy And Electronic Copies Of The assessment Must Be Provided To The Cor. The Government Reserves The Right To conduct Such An Assessment Using Government Personnel Or Another contractor/subcontractor. The Contractor/subcontractor Must Take Appropriate And timely Action (this Can Be Specified In The Contract) To Correct Or Mitigate Any weaknesses Discovered During Such Testing, Generally At No Additional Cost. f. Va Prohibits The Installation And Use Of Personally-owned Or Contractor/subcontractor Owned equipment Or Software On Va S Network. If Non-va Owned Equipment Must Be used To Fulfill The Requirements Of A Contract, It Must Be Stated In The Service Agreement, sow, Or Contract. All Of The Security Controls Required For Government Furnished equipment (gfe) Must Be Utilized In Approved Or Other Equipment (oe) And Must Be funded By The Owner Of The Equipment. All Remote Systems Must Be Equipped With, And use, A Va-approved Antivirus (av) Software And A Personal (host-based Or Enclaved based) Firewall That Is Configured With A Va-approved Configuration. Software Must Be kept Current, Including All Critical Updates And Patches. Owners Of Approved Oe Are responsible For Providing And Maintaining The Anti-viral Software And The Firewall On The non-va Owned Oe. g. All Electronic Storage Media Used On Non-va Leased Or Non-va Owned It Equipment That is Used To Store, Process, Or Access Va Information Must Be Handled In Adherence With va Handbook 6500.1, Electronic Media Sanitization Upon: (i) Completion Or Termination of The Contract Or (ii) Disposal Or Return Of The It Equipment By The contractor/subcontractor, Whichever Is Earlier. Media (hard Drives, Optical Disks, Cds, back-up Tapes, Etc.) Used By The Contractors/subcontractors That Contain Va Information must Be Returned To The Va For Sanitization Or Destruction Or The contractor/subcontractor Must Self-certify That The Media Has Been Disposed Of Per 6500.1 Requirements. This Must Be Completed Within 30 Days Of Termination Of The contract. h. Bio-medical Devices And Other Equipment Or Systems Containing Media (hard Drives, optical Disks, Etc.) With Va Sensitive Information Must Not Be Returned To The A/e At The end Of Lease, For Trade-in, Or Other Purposes. The Options Are: (1) A/e Must Accept The System Without The Drive; (2) Va S Initial Medical Device Purchase Includes A Spare Drive Which Must Be Installed in Place Of The Original Drive At Time Of Turn-in; Or (3) Va Must Reimburse The Company For Media At A Reasonable Open Market replacement Cost At Time Of Purchase (4) Due To The Highly Specialized And Sometimes Proprietary Hardware And Software associated With Medical Equipment/systems, If It Is Not Possible For The Va To Retain the Hard Drive, Then; (a) The Equipment A/e Must Have An Existing Baa If The Device Being Traded In Has sensitive Information Stored On It And Hard Drive(s) From The System Are Being returned Physically Intact; And (b) Any Fixed Hard Drive On The Device Must Be Non-destructively Sanitized To The greatest Extent Possible Without Negatively Impacting System Operation. selective Clearing Down To Patient Data Folder Level Is Recommended Using Va approved And Validated Overwriting Technologies/methods/tools. Applicable media Sanitization Specifications Need To Be Pre-approved And Described In The purchase Order Or Contract. 620-21-205 Montrose River Front Storm Damage Repairs va Medical Center Fdr Montrose, New York page 19 Of 21 (c) A Statement Needs To Be Signed By The Director (system Owner) That States That the Drive Could Not Be Removed And That (a) And (b) Controls Above Are In Place and Completed. The Iso Needs To Maintain The Documentation. 6. Security Incident Investigation a. The Term Security Incident Means An Event That Has, Or Could Have, Resulted In unauthorized Access To, Loss Or Damage To Va Assets, Or Sensitive Information, Or An action That Breaches Va Security Procedures. The Contractor/subcontractor Shall immediately Notify The Cor And Simultaneously, The Designated Iso And Privacy Officer for The Contract Of Any Known Or Suspected Security/privacy Incidents, Or Any unauthorized Disclosures Of Sensitive Information, Including That Contained In System(s) to Which The Contractor/subcontractor Has Access. b. To The Extent Known By The Contractor/subcontractor, The Contractor/subcontractor S notice To Va Shall Identify The Information Involved, The Circumstances Surrounding The incident (including To Whom, How, When, And Where The Va Information Or Assets Were placed At Risk Or Compromised), And Any Other Information That The contractor/subcontractor Considers Relevant. c. With Respect To Unsecured Protected Health Information, The Business Associate Is deemed To Have Discovered A Data Breach When The Business Associate Knew Or Should have Known Of A Breach Of Such Information. Upon Discovery, The Business Associate must Notify The Covered Entity Of The Breach. Notifications Need To Be Made In accordance With The Executed Business Associate Agreement. d. In Instances Of Theft Or Break-in Or Other Criminal Activity, The Contractor/subcontractor must Concurrently Report The Incident To The Appropriate Law Enforcement Entity (or entities) Of Jurisdiction, Including The Va Oig And Security And Law Enforcement. The contractor, Its Employees, And Its Subcontractors And Their Employees Shall Cooperate with Va And Any Law Enforcement Authority Responsible For The Investigation And prosecution Of Any Possible Criminal Law Violation(s) Associated With Any Incident. The contractor/subcontractor Shall Cooperate With Va In Any Civil Litigation To Recover Va information, Obtain Monetary Or Other Compensation From A Third Party For Damages arising From Any Incident, Or Obtain Injunctive Relief Against Any Third Party Arising From, or Related To, The Incident. 7. Liquidated Damages For Data Breach a. Consistent With The Requirements Of 38 U.s.c. §5725, A Contract May Require Access To sensitive Personal Information. If So, The Contractor Is Liable To Va For Liquidated Damages in The Event Of A Data Breach Or Privacy Incident Involving Any Spi The contractor/subcontractor Processes Or Maintains Under This Contract. b. The Contractor/subcontractor Shall Provide Notice To Va Of A Security Incident As Set forth In The Security Incident Investigation Section Above. Upon Such Notification, Va must Secure From A Non-department Entity Or The Va Office Of Inspector General An independent Risk Analysis Of The Data Breach To Determine The Level Of Risk Associated With the Data Breach For The Potential Misuse Of Any Sensitive Personal Information Involved In the Data Breach. The Term Data Breach Means The Loss, Theft, Or Other Unauthorized access, Or Any Access Other Than That Incidental To The Scope Of Employment, To Data containing Sensitive Personal Information, In Electronic Or Printed For, That Results In The potential Compromise Of The Confidentiality Or Integrity Of The Data. Contractor Shall Fully cooperate With The Entity Performing The Risk Analysis. Failure To Cooperate May Be deemed A Material Breach And Grounds For Contract Termination. c. Each Risk Analysis Shall Address All Relevant Information Concerning The Data Breach, including The Following: (1) Nature Of The Event (loss, Theft, Unauthorized Access); (2) Description Of The Event, Including (a) Date Of Occurrence (b) Data Elements Involved, Including Any Pii, Such As Full Name, Social Security number, Date Of Birth, Home Address, Account Number, Disability Code; (3) Number Of Individuals Affected Or Potentially Affected; (4) Names Of Individuals Or Groups Affected Or Potentially Affected; (5) Ease Of Logical Data Access To The Lost, Stolen Or Improperly Accessed Data In Light Of the Degree Of Protection For The Data, E.g., Unencrypted, Plain Text; (6) Amount Of Time The Data Has Been Out Of Va Control; (7) The Likelihood That The Sensitive Personal Information Will Or Has Been Compromised (made Accessible To And Usable By Unauthorized Persons); (8) Known Misuses Of Data Containing Personal Information, If Any; (9) Assessment Of The Potential Harm To The Affected Individuals; (10) Data Breach Analysis As Outlined In 6500.2 Handbook, Management Of Security and Privacy Incidents, As Appropriate; And (11) Whether Credit Protection Services May Assist Record Subjects In Avoiding Or mitigating The Results Of Identity Theft Based On The Sensitive Personal Information that May Have Been Compromised. d. Based On The Determinations Of The Independent Risk Analysis, The Contractor Shall Be responsible For Paying To The Va Liquidated Damages In The Amount Of $37.50 Per Affected individual To Cover The Cost Of Providing Credit Protection Services To Affected Individuals consisting Of The Following: (1) Notification; (2) One Year Of Credit Monitoring Services Consisting Of Automatic Daily Monitoring Of At least 3 Relevant Credit Bureau Reports; (3) Data Breach Analysis; (4) Fraud Resolution Services, Including Writing Dispute Letters, Initiating Fraud Alerts And credit Freezes, To Assist Affected Individuals To Bring Matters To Resolution; (5) One Year Of Identity Theft Insurance With $20,000.00 Coverage At $0 Deductible; And (6) Necessary Legal Expenses The Subjects May Incur To Repair Falsified Or Damaged Credit records, Histories, Or Financial Affairs. 8. Security Controls Compliance Testing on A Periodic Basis, Va, Including The Office Of Inspector General, Reserves The Right To evaluate Any Or All Of The Security Controls And Privacy Practices Implemented By The contractor Under The Clauses Contained Within The Contract. With 10 Working-day S Notice, at The Request Of The Government, The Contractor Must Fully Cooperate And Assist In A government-sponsored Security Controls Assessment At Each Location Wherein Va information Is Processed Or Stored, Or Information Systems Are Developed, Operated, maintained, Or Used On Behalf Of Va, Including Those Initiated By The Office Of Inspector general. The Government May Conduct A Security Control Assessment On Shorter Notice (to include Unannounced Assessments) As Determined By Va In The Event Of A Security Incident or At Any Other Time. 9. Training a. All Contractor Employees And Subcontractor Employees Requiring Access To Va information And Va Information Systems Shall Complete The Following Before Being granted Access To Va Information And Its Systems: (1) Sign And Acknowledge (either Manually Or Electronically) Understanding Of And responsibilities For Compliance With The Contractor Rules Of Behavior, Appendix E relating To Access To Va Information And Information Systems; (2) Successfully Complete The Va Cyber Security Awareness And Rules Of Behavior training And Annually Complete Required Security Training; (3) Successfully Complete The Appropriate Va Privacy Training And Annually Complete required Privacy Training; And (4) Successfully Complete Any Additional Cyber Security Or Privacy Training, As Required for Va Personnel With Equivalent Information System Access [to Be Defined By The Va program Official And Provided To The Contracting Officer For Inclusion In The solicitation Document E.g., Any Role-based Information Security Training Required In accordance With Nist Special Publication 800-1 6, Information Technology Security training Requirements.] b. The Contractor Shall Provide To The Contracting Officer And/or The Cor A Copy Of The training Certificates And Certification Of Signing The Contractor Rules Of Behavior For Each applicable Employee Within 1 Week Of The Initiation Of The Contract And Annually thereafter, As Required. c. Failure To Complete The Mandatory Annual Training And Sign The Rules Of Behavior annually, Within The Timeframe Required, Is Grounds For Suspension Or Termination Of All physical Or Electronic Access Privileges And Removal From Work On The Contract Until Such time As The Training And Documents Are Complete. evaluation Process award Will Be Made To The Best Price, As Determined To Be The Most Beneficial To The Government. Please Read Each Section Below Carefully For The Submittals And Information Required As Part Of The Evaluation. Failure To Provide The Requested Information Below Shall Be Considered Non-compliant And Your Quote Could Be Removed From The Evaluation Process. vendors Quotes Shall Be Evaluated Under Far Part 13.106-2(b) -- Evaluation Of Quotations Or Offers. The Government Will Award A Contract Resulting From This Solicitation To The Responsible Vendor Whose Quote Conforming To The Solicitation Will Be Most Advantageous To The Government, Price, Past Performance, And Capabilities. The Following Factors Shall Be Used To Evaluate Offers: 1. Price (follow These Instructions): a. Vendor Shall Provide A Quote For The Scheduled Drop Off Dates Above. Vendors Must Also Provide All Applicable Labor Rates For The Solicited Services So They Can Be Compared To The Applicable Wage Determination For Compliance With The Service Contract Labor Standards (scls) If Applicable. b. Ensure Your Validation Is Current In The System For Award Management (sam)( Https://www.sam.gov). Federal Acquisition Regulations Require That Federal Contractors Register In The Sam Database At Http://www.sam.gov And Enter All Mandatory Information Into The System. Award Cannot Be Made Until The Contractor Has Registered. Offerors Are Encouraged To Ensure That They Are Registered In Sam Prior To Submitting Their Quotation. 2. Capable: The Vendors Quote Shall Be Evaluated To Determine If The Organization Has The Experience And Capabilities To Provide The Requested Services In Accordance With The Statement Of Work In A Timely Efficient Manner. a. Contractor Shall Demonstrate Their Corporate Experience And Approach To Meet All Requirements. b. Contractor Shall Provide A List Of All Services Included In The Price. c. Contractor Shall Provide All Current And Relevant Licenses And/or Certifications For The State Of Massachusetts If Applicable. d. If You Are Planning To Sub-contract Some Or All Of This Work, Please Provide The Name And Address(s) Of All Subcontractor(s) (if Applicable) And A Description Of Their Planned Subcontracting Effort. e. Contractor Shall State And/or Demonstrate Their Ability To Meet All Requirements And Deliverables Stated In This Solicitation And Statement Of Work. Any Additional Information To Further Identify How The Company Is Experienced And Capable Of Performing The Requested Work Is Welcome. 3. Veterans Preference Factor (per 852.215-70): The Government Will Assign Evaluation Credit For An Offeror (prime Contractor) Which Is A Service-disabled Veteran-owned (sdvosb) Or A Veteran-owned Small Business (vosb). Non-sdvosb/vosb Offerors Proposing To Use Sdvosbs Or Vosbs As Subcontractors Will Receive Some Consideration Under This Evaluation Factor. a. For Sdvosbs/vosbs: In Order To Receive Credit Under This Factor, An Offeror Shall Submit A Statement Of Compliance That It Qualifies As A Sdvosb Or Vosb In Accordance With Vaar 852.215-70, Service-disabled Veteran-owned And Veteran-owned Small Business Evaluation Factors . Offerors Are Cautioned That They Must Be Registered And Verified In Vendor Information Pages (vip) Database (http://www.vetbiz.gov). i. Verified Sdvosbs Will Receive A 5% Price Credit (e.g. If A Sdvosb Submits An Offer Of $100.00, It Will Be Evaluated As If It Submitted An Offer Of $95.00). ii. Verified Vosbs Will Received A 2.5% Price Credit (e.g. If A Vosb Submits An Offer Of $100.00, It Will Be Evaluated As If It Submitted An Offer Of $97.50). the Full Text Of Far Provisions Or Clauses May Be Accessed Electronically At Http://acquisition.gov/comp/far/index.html. (x) Please Include A Completed Copy Of The Provision At 52.212-3, Offeror Representations And Certifications -- Commercial Items, With Your Offer Via The Sam.gov Website Or A Written Copy. (xi) Clause 52.212-4, Contract Terms And Conditions -- Commercial Items, Applies To This Acquisition In Addition To The Following Addenda S To The Clause: 52.252-2 Clauses Incorporated By Reference (feb 1998), 52.203-17 Contractor Employee Whistleblower Rights And Requirement To Inform Employees Of Whistleblower Rights (jun 2020), 52.204-4 Printed Or Copied Double-sided On Postconsumer Fiber Content Paper (may 2011), 52.204-13 System For Award Management Maintenance (oct 2018), 52.204-18 Commercial Government Entity Code Maintenance (aug 2020), 52.217-9 Option To Extend The Term Of The Contract (mar 2000), 52.228-5 Insurance-work On A Government Installation (jan 1997), 52.232-40 Providing Accelerated Payments To Small Business Subcontracting (dec 2013), 852.212-70 Provisions And Clauses Applicable To Va Acquisitions Of Commercial Items (apr 2020) 852.203-70 Commercial Advertising 852.219-74, Va Notice Of Total Service-disabled Veteran-owned Small Business Set-aside 852.232-72 Electronic Submissions Of Payment Requests 852.233-70 Protest Content/alternative Dispute Resolution 852.233-71 Alternate Protest Procedure 852.270-1 Representatives Of Contracting Officers 852.219-74 Limitations On Subcontracting Monitoring And Compliance (jul 2018) as Prescribed In 819.7203(a) Insert The Following Clause: (a) This Solicitation Includes 852.219-74, Va Notice Of Total Service-disabled Veteran-owned Small Business Set-aside, (b) Accordingly, Any Contract Resulting From This Solicitation Is Subject To The Limitation On Subcontracting Requirements In 13 Cfr 125.6. The Contractor Is Advised That In Performing Contract Administration Functions, The Contracting Officer May Use The Services Of A Support Contractor(s) Retained By Va To Assist In Assessing The Contractor S Compliance With The Limitations On Subcontracting Or Percentage Of Work Performance Requirements Specified In The Clause. To That End, The Support Contractor(s) May Require Access To Contractor S Offices Where The Contractor S Business Records Or Other Proprietary Data Are Retained And To Review Such Business Records Regarding The Contractor S Compliance With This Requirement. (c) All Support Contractors Conducting This Review On Behalf Of Va Will Be Required To Sign An Information Protection And Non-disclosure And Disclosure Of Conflicts Of Interest Agreement To Ensure The Contractor S Business Records Or Other Proprietary Data Reviewed Or Obtained In The Course Of Assisting The Contracting Officer In Assessing The Contractor For Compliance Are Protected To Ensure Information Or Data Is Not Improperly Disclosed Or Other Impropriety Occurs. (d) Furthermore, If Va Determines Any Services The Support Contractor(s) Will Perform In Assessing Compliance Are Advisory And Assistance Services As Defined In Far 2.101, Definitions, The Support Contractor(s) Must Also Enter Into An Agreement With The Contractor To Protect Proprietary Information As Required By Far 9.505-4, Obtaining Access To Proprietary Information, Paragraph (b). The Contractor Is Required To Cooperate Fully And Make Available Any Records As May Be Required To Enable The Contracting Officer To Assess The Contractor S Compliance With The Limitations On Subcontracting Or Percentage Of Work Performance Requirement. (end Of Clause) 852.219-77 Va Notice Of Limitations On Subcontracting Certificate Of Compliance For Services And Construction. as Prescribed In 819.7009(c) Insert The Following Clause: va Notice Of Limitations On Subcontracting Certificate Of Compliance For Services And Construction (sep 2021) (deviation) (a) Pursuant To 38 U.s.c. 8127(k)(2), The Offeror Certifies That (1) If Awarded A Contract (see Far 2.101 Definition), It Will Comply With The Limitations On Subcontracting Requirement As Provided In The Solicitation And The Resultant Contract, As Follows: [contracting Officer Check The Appropriate Box Below Based On The Predominant Naics Code Assigned To The Instant Acquisition As Set Forth In Far 19.102.] (i) [x] Services. In The Case Of A Contract For Services (except Construction), The Contractor Will Not Pay More Than 50% Of The Amount Paid By The Government To It To Firms That Are Not Vip-listed Sdvosbs As Set Forth In 852.219-74 Or Vosbs As Set Forth In 852.219-11. Any Work That A Similarly Situated Vip-listed Subcontractor Further Subcontracts Will Count Towards The 50% Subcontract Amount That Cannot Be Exceeded. Other Direct Costs May Be Excluded To The Extent They Are Not The Principal Purpose Of The Acquisition And Small Business Concerns Do Not Provide The Service As Set Forth In 13 Cfr 125.6. (ii) [ ] General Construction. In The Case Of A Contract For General Construction, The Contractor Will Not Pay More Than 85% Of The Amount Paid By The Government To It To Firms That Are Not Vip-listed Sdvosbs As Set Forth In 852.219-74 Or Vosbs As Set Forth In 852.219-11. Any Work That A Similarly Situated Vip-listed Subcontractor Further Subcontracts Will Count Towards The 85% Subcontract Amount That Cannot Be Exceeded. Cost Of Materials Are Excluded And Not Considered To Be Subcontracted. (iii) Special Trade Construction Contractors. In The Case Of A Contract For Special Trade Contractors, The Contractor Will Not Pay More Than 75% Of The Amount Paid By The Government To It To Firms That Are Not Vip-listed Sdvosbs As Set Forth In 852.219-74 Or Vosbs As Set Forth In 852.219-11. Any Work That A Similarly Situated Subcontractor Further Subcontracts Will Count Towards The 75% Subcontract Amount That Cannot Be Exceeded. Cost Of Materials Are Excluded And Not Considered To Be Subcontracted. (2) The Offeror Acknowledges That This Certification Concerns A Matter Within The Jurisdiction Of An Agency Of The United States. The Offeror Further Acknowledges That This Certification Is Subject To Title 18, United States Code, Section 1001, And, As Such, A False, Fictitious, Or Fraudulent Certification May Render The Offeror Subject To Criminal, Civil, Or Administrative Penalties, Including Prosecution. (3) If Va Determines That An Sdvosb/vosb Awarded A Contract Pursuant To 38 U.s.c. 8127 Did Not Act In Good Faith, Such Sdvosb/vosb Shall Be Subject To Any Or All Of The Following: (i) Referral To The Va Suspension And Debarment Committee; (ii) A Fine Under Section 16(g)(1) Of The Small Business Act (15 U.s.c. 645(g)(1)); And (iii) Prosecution For Violating Section 1001 Of Title 18. (b) The Offeror Represents And Understands That By Submission Of Its Offer And Award Of A Contract It May Be Required To Provide Copies Of Documents Or Records To Va That Va May Review To Determine Whether The Offeror Complied With The Limitations On Subcontracting Requirement Specified In The Contract. The Contracting Officer May, At Their Discretion, Require The Contractor To Demonstrate Its Compliance With The Limitations On Subcontracting At Any Time During Performance And Upon Completion Of A Contract If The Information Regarding Such Compliance Is Not Already Available To The Contracting Officer. Evidence Of Compliance Includes, But Is Not Limited To, Invoices, Copies Of Subcontracts, Or A List Of The Value Of Tasks Performed. (c) The Offeror Further Agrees To Cooperate Fully And Make Available Any Documents Or Records As May Be Required To Enable Va To Determine Compliance With The Limitations On Subcontracting Requirement. The Offeror Understands That Failure To Provide Documents As Requested By Va May Result In Remedial Action As The Government Deems Appropriate. (d) Offeror Completed Certification/fill-in Required. The Formal Certification Must Be Completed, Signed, And Returned With The Offeror S Bid, Quotation, Or Proposal. The Government Will Not Consider Offers For Award From Offerors That Do Not Provide The Certification, And All Such Responses Will Be Deemed Ineligible For Evaluation And Award. i Hereby Certify That If Awarded The Contract, [insert Name Of Offeror] Will Comply With The Limitations On Subcontracting Specified In This Clause And In The Resultant Contract. I Further Certify That I Am Authorized To Execute This Certification On Behalf Of [insert Name Of Offeror]. printed Name Of Signee: _________________________________ printed Title Of Signee: ________________________________ signature: ______________________________________________ date: ___________________________________________________ company Name And Address: _____________________________________________________________________________________ (end Of Clause) 852.242-71 Administrative Contracting Officer. as Prescribed In 842.271, Insert The Following Clause: administrative Contracting Officer (oct 2020) the Contracting Officer Reserves The Right To Designate An Administrative Contracting Officer (aco) For The Purpose Of Performing Certain Tasks/duties In The Administration Of The Contract. Such Designation Will Be In Writing Through An Aco Letter Of Delegation And Will Identify The Responsibilities And Limitations Of The Aco. A Copy Of The Aco Letter Of Delegation Shall Be Furnished To The Contractor. (end Of Clause) (xii) Clause At 52.212-5, Contract Terms And Conditions Required To Implement Statutes Or Executive Orders -- Commercial Items, Applies To This Acquisition And In Addition To The Following Far Clauses Cited, Which Are Also Applicable To The Acquisition: 52.203-6, 52.204-10, 52.209-6, 52.219-4, 52.219-8, 52.219-6, 52.219-28, 52.222-3, 52.222-21, 52.222-26, 52.222-35, 52.222-36, 52.222-37, 52.222-40, 52.222-50, 52.223-18, 52.225-3, 52.225-13, 52.232-33, 52.222-41 (wage Determination Central Western Massachusetts Vamc Hampshire County Wd 2015-4095 (rev-21), 52.222-42, 52.222-43, 52.222-55, 52.222-62 (xiii) All Contract Requirement(s) And/or Terms And Conditions Are Stated Above. (xiv) The Defense Priorities And Allocations System (dpas) And Assigned Rating Are Not Applicable To This Requirement. (xv) Rfq Questions Are Due Nlt 01/16/2024 At 17:00 Pm Est. Rfq Responses Are Due Nlt 01/20/2024 At 17:00 Pm Est. Rfq Responses Must Be Submitted Via Email With Rfq #36c24124q0249 In The Subject Line To: Nathan.langone@va.gov Hand Deliveries Shall Not Be Accepted. (xvi) The Poc Of This Solicitation Is Nathan Langone (nathan.langone@va.gov)

Details: Undp-hnd-00105 Supply, installation and commissioning of HVAC equipment & The United Nations Development Program (UNDP) appreciates your quote for supply, installation and commissioning under the turn-key modality. of Precision Air Conditioning Equipment as Detailed in Annex 1 of this Sdc. This Quote Request is Managed Exclusively Through Our Quantum Supplier Portal. Suppliers can use the online portal to view documents related to the quote request and bid submission process, communicate with the procurement office via the messaging feature, and submit their bid. It is important to mention that the term "negotiation" is used to refer to an acquisition process in Quantum. If you are interested in submitting an offer and have never entered the Supplier Portal, you must register on the Quantum Portal using the exclusive registration link to enter your supplier profile with UNDP in Honduras: http://bit.ly/40hgahy Please Follow The steps indicated in the Video Tutorial and in the Registration Instructions for Quantum Suppliers that are available in the "acquisitions" section of the UNDP website in Honduras: Https://www.undp.org/es/honduras/ Procurement If You Already Have a Supplier Profile in Quantum, Please Login to the Supplier Portal Using the Following Link http://supplier.quantum.partneragencies.org Then Search for the Deal With Reference undp-hnd-00105 and Upload Your Offer Following the Offer Submission Guide, Also Available in the "Procurement" Section of the UNDP Honduras Website. Note: if you recently participated in a purchasing process, tender, had a contract or purchase order or any type of commercial link with the UNDP in Honduras in the last few months, prior to registering your profile in Quantum, please write to us at our Email Account acquisitionspnudhn@undp.org since it is possible that your profile/username currently exists in quantum, in these cases we can help you restore and/or activate your account. Deadline for Submission of the Offer in Quantum: December 18, 2023 Until 5:30 Pm (Official Time of the Republic of Honduras GMT-6). Offers Sent Through Postal Service, Courier, Email Or Other Means Will Not Be Accepted. Previous Meeting: An Information Meeting will be held prior to the presentation of offers, attendance is not mandatory, however, it is highly recommended. Date: Wednesday, December 6, 2023 Time: 10:00 Am (Official Time of the Republic of Honduras) Place: Zoom Platform Suppliers interested in participating must register using the registration link indicated below: Https://undp .zoom.us/webinar/register/wn_nxbl08ozscafwm0fpcmchg Additionally, a technical visit will be carried out: A technical visit will be carried out to the premises where the air conditioning equipment will be installed so that interested companies can verify the existing conditions (expanded in Annex 1 supply and Installation of Air Conditioning Equipment/considerations prior to installation), in accordance with the following detail: time: Starting at 10:00 am Date: Thursday, December 7, 2023 Address: Ip Room, Second Level of the Technical Building, Hondutel Miraflores Campus To confirm your attendance you must send written notification to the following email account: Adquisicionespnudhn@undp.org; No later than December 6, 2023 to confirm your participation, indicating the name, role in the company and identification card number of each participant. A maximum of two (2) representatives of each interested company will be admitted. This Visit is Not Mandatory. However, if the Bidder does not attend, he/she will not be able to claim, during the execution of the contract or purchase order, lack of knowledge of the physical conditions or other existing situations for the preparation of his/her offer, so he/she will not be able to present claims for this fact. Requests for Clarifications: Queries and Requests must be submitted in writing through the Quantum Messaging Function No later than Friday, December 8, 2023. Responses will be communicated to Registered Suppliers from the same Portal. In the event of making queries to people or email addresses, even if they are from the UNDP, the UNDP will not be obliged to respond to them or confirm having officially received them. Technical Assistance If you experience any inconvenience in the process of registering and submitting an offer in Quantum, please write to us at: comprapnudhn@undp.org To ensure that your case is resolved as quickly as possible, you are requested to share the following details: • The Id Or Reference Code Of The Negotiation, In This Case: Undp-hnd-00086 • Email Under Which You Registered On The Platform And Name Of The Company. • A brief description of the steps you took before finding the problem. • Screenshots of any errors or warning messages. Avoid Registering and Posting Your Proposal Too Close to the Submission Deadline Date and Time. If you face problems with the last minute system, there will be no possibility to provide you with technical support. At the end of this Notice, there is a link called "negotiation Document(s)", where the documents of this negotiation process are incorporated (list of requirements and technical specifications, offer submission forms, etc.), which you can Download Easily From Any Device. Before Accessing The Negotiation Documents, Please Click On The Link Provided. Best regards, UNDP Procurement Unit in Honduras

Tender Id: NBCC/RBG/CRSU/HVAC/2023/52 | Ventilation System Works In Basement Yogshala Multipurpose Hall At Crsu Jind Haryana

Tender Id: HSCC/SJH/NEB-SSB/HVAC/2024/70 | Tender For Supply, Installation, Testing And Commissioning Of Air Conditioning Work Including Associated Work At Mgps Plant Of

Tender Id: DSL-TKD-Elect-HVAC-OT-24-DELHI DIVISION-MECHANICAL/NORTHERN RLY | Amc Of Electric Loco Cab Air Conditioners Mounted On Roof Of Electric Locomotives